I have two different environments: in "environment-a" there is ELK stack running using docker containers, and in "environment-b" there is a dockerised application that should sent logs using filebeat.
The environments use NAT system.
This is my filebeat config:
filebeat.inputs: - type: log paths: - /var/tmp/app_*.log output.logstash: hosts: ["IP_ENV_A:5044"] ssl.verification_mode: none bulk_max_size: 1024
This is the logstash config:
port => 5044
codec => rubydebug
This is the error that I get in filebeat logs (the port "48538" change every time the ERROR is generated):
ERROR pipeline/output.go:100 Failed to connect to backoff(async(tcp://IP_ENV_A:5044)): read tcp 172.x.x.x:48538->IP_ENV_A:5044: read: connection reset by peer
I can telnet IP_ENV_A 5044.