Failed to start Filebeat sends log files to Logstash or directly to Elasticsearch

You were right! This worked and versioning was the actual cause-which made me struggle uptil now!

Thanks a lot, I would have never be able to do this without your help! I do not have enough words to thank you. You really helped me a lot and saved me :slight_smile:

1 Like

In my docker-compose.yaml file, when I change the path of source from conf to config- my Kibana alerts are disabled and it says to enable TLS:

PS. I am changing the source path from conf to config in order to enable user login in Kibana

Here is my docker-compose.yaml file:

services: 
  elasticsearch: 
    build:
      context: elasticsearch/
    container_name: elasticsearch
    volumes:
      - type: bind
        source: ./elasticsearch/conf/elasticsearch.yml
        target: /usr/share/elasticsearch/config/elasticsearch.yml
        read_only: true
      - type: volume
        source: elasticsearch
        target: /usr/share/elasticsearch/data
    ports:
      - "9200:9200"
    environment:
      ES_JAVA_OPTS: "-Xmx2g -Xms2g"
      ELASTIC_PASSWORD: 
      ELASTIC_USERNAME : 
      # Use single node discovery in order to disable production mode and avoid bootstrap checks.
      # see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
      discovery.type: single-node
    networks:
      - elastic
    restart: always
  
  logstash:
    container_name: logstash
    build: 
      context: logstash/
    # command: logstash -f /conf/logstash.conf
    volumes:
      - type: bind
        source: ./logstash/conf/logstash.yml
        target: /usr/share/logstash/config/logstash.yml
        read_only: true
      - type: bind
        source: ./logstash/pipeline
        target: /usr/share/logstash/pipeline
        read_only: true
    ports:
     - "5043:5043"
     - "5044:5044"
    environment:
      LS_JAVA_OPTS: "-Xmx1g -Xms1g"
    networks:
      - elastic
    depends_on:
     - elasticsearch
    restart: always

  kibana:
    build:
      context: kibana/
    container_name: 
    environment:
      XPACK_APM_SERVICEMAPENABLED: "true"
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: " "
    volumes:
      - type: bind
        source: ./kibana/conf/kibana.yml
        target: /usr/share/kibana/config/kibana.yml
        read_only: true
    ports:
      - "5601:5601"
    networks:
        - elastic
    depends_on:
      - elasticsearch
    restart: always

Can you please help me what I'm missing?

Alerts require TLS. Always have, I don't think that is just because you changed your path.

Are you sure it worked before you changed it? I suspect Alerts did not function before.

Alerts require pretty much a fully secured cluster.

Here are the instructions I would be very careful and follow them closely.

I am confused why you are also running on such and old version 7.9.2

yes, When the path was conf alerts were working.

Also, I'm using Elastic version 7.9.2 as in our Dockerfile we pull this image version from Docker hub configured in our elastic codebase

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.