I'm trying to setup ELK and running into problem.
As an aside, I'm finding the documentation and steps very, very confusing - they tend to switch between setting filebeat > logstash, filebeat > elasticsearch and also differ betwen on-prem and hosted...but anyway...
Having setup a 14 day trial on google, I'm trying to setup my filebeat. I'm installing on a Windows machine. I've downloaded the files and have confirmed the settings in the filebeat.yaml file.
I have entered my cloud.id and cloud.auth but when I run "filebeat.exe setup" I get an error message stating a 401 error. The output also shows the url which seems to have 443 on the end of it.
I've tried removing the cloud.id and cloud.auth and instead setting it within the output.elasticsearch via the hosts, username and password fields - this still does not work.
Just to confirm, under the hosts I have tried explictly setting the port but still no luck.
Can someone help please?
Also, if anyone has a CLEAR walkthrough on getting this setup then I'd love to read it!
Regards,
Wayne