Hello. I'm trying to get some log files from windows pc. And I can observe the following log message every time when I restart FileBeat service on Windows PC
{:timestamp=>"2016-09-09T04:59:41.233000-0400", :message=>"Beats Input: Remote connection closed", :peer=>"192.yyy.10.zzz:51545", :exception=>#<Lumberjack::Beats::Connection::ConnectionClosed: Lumberjack::Beats::Connection::ConnectionClosed wrapping: Errno::ECONNRESET, Connection reset by peer - Connection reset by peer>, :level=>:warn}
Here is my FileBeat config file:
############################# Filebeat ######################################
filebeat:
prospectors:
- c:\windows\WindowsUpdate.log
input_type: log
registry_file: "C:/ProgramData/filebeat/registry"
output:
logstash:
# The Logstash hosts
hosts: ["192.xxx.0.xxx:5044"]
shipper:
logging:
to_syslog: false
to_files: true
files:
path: c:\PROGRA~1/filebeat
name: filebeat.log
level: debug
And Logstash config is published below:
input {
beats {
type => beats
port => 5044
}
}
filter {
}
output {
elasticsearch {
hosts => "localhost:9200"
}
}
And I'd like to say that I can see neither TCP nor UDP 5044 open ports when I implement netstat -l command. Example is below
/var/log/logstash# netstat -l | grep 5044
tcp6 0 0 [::]:5044 [::]:* LISTEN
And I suppose that it's a problem, but I have no idea what should I do with it.
Could you please help me to sovle this issue?
Thanks in advance!