Failed to connect to backoff - Forbidden

pmatula · September 2, 2019, 2:20pm

Hi,
I installed winlogbeat and used an existing and working winlogbeat.yml - but on this client, I get the error:

Failed to connect to backoff(elasticsearch(https://elasticserver:9200)): Get https://elasticserver:9200: Forbidden

I ran the test output command:

elasticsearch: https://elasticserver:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 10.10.10.100
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.2
    dial up... OK
  talk to server... ERROR Get https://elasticserver:9200: Forbidden

My yml file (this file worked on another machines):

winlogbeat.event_logs:
  - name: Application
    ignore_older: 72h
    level: critical, error, warning

  - name: System
    ignore_older: 72h
    level: critical, error, warning

setup.template.settings:
  index.number_of_shards: 1

setup.kibana:
  host: "https://elasticserver:5601"

output.elasticsearch:
  hosts: ["https://elasticserver:9200"]
  protocol: "https"
  username: "winlogbeat"
  password: "secret"

processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~

Does anyone have an Idea why this issue happens?

system · September 30, 2019, 2:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Winlogbeat Connection Refused Beats winlogbeat	3	1982	December 11, 2019
●[TLS] Question: Secure communication between Winlogbeat/ElasticSearch causes an error Beats elastic-stack-security , winlogbeat	3	315	February 9, 2024
Winlogbeat unable to connect to elasticsearch Beats winlogbeat	1	792	November 25, 2020
Winlogbeat error connecting to ElasticSearch Elasticsearch	10	59	August 26, 2024
[error connecting to Elasticsearch at https:certificate signed by unknown authority Beats winlogbeat	4	9677	April 6, 2021

Failed to connect to backoff - Forbidden

Related topics