Failed to connect to backoff - Forbidden

Hi,
I installed winlogbeat and used an existing and working winlogbeat.yml - but on this client, I get the error:

Failed to connect to backoff(elasticsearch(https://elasticserver:9200)): Get https://elasticserver:9200: Forbidden

I ran the test output command:

elasticsearch: https://elasticserver:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 10.10.10.100
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.2
    dial up... OK
  talk to server... ERROR Get https://elasticserver:9200: Forbidden

My yml file (this file worked on another machines):

winlogbeat.event_logs:
  - name: Application
    ignore_older: 72h
    level: critical, error, warning

  - name: System
    ignore_older: 72h
    level: critical, error, warning

setup.template.settings:
  index.number_of_shards: 1

setup.kibana:
  host: "https://elasticserver:5601"

output.elasticsearch:
  hosts: ["https://elasticserver:9200"]
  protocol: "https"
  username: "winlogbeat"
  password: "secret"

processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~

Does anyone have an Idea why this issue happens?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.