Hi, I have hosted elasticsearch and kibana in one server and filebeat and my application in another server. I want to send my application logs to elasticsearch via filebeat. I have configured my filebeat.yml to IP of elasticsearch and kibana. When i do curl GET on elasticsearch, im getting proper response, but to kibana i'm getting error as "curl: (35) error:0A00010B:SSL routines::wrong version number"
Also when i do "./filebeat setup -e" i'm getting below error.
"message":"Exiting: error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory <path to elk_stack>/elk_stack/filebeat-8.14.3-linux-x86_64/kibana: failed to import Kibana index pattern: 1 error: error loading index pattern: returned 413 to import file: error extracting JSON for error response: invalid character '<' looking for beginning of value. Response: <html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body>\r\n<center>413 Request Entity Too Large</center>\r\n<hr><center>nginx/1.24.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n","service.name":"filebeat","ecs.version":"1.6.0"}
Exiting: error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory <path to elk_stack>/elk_stack/filebeat-8.14.3-linux-x86_64/kibana: failed to import Kibana index pattern: 1 error: error loading index pattern: returned 413 to import file: error extracting JSON for error response: invalid character '<' looking for beginning of value. Response: <html>
<head><title>413 Request Entity Too Large</title></head>
<body>
<center>413 Request Entity Too Large</center>
<hr><center>nginx/1.24.0 (Ubuntu)</center>
</body>
</html>
I have installed elasticsearch and kibana via debian package, referring to below official elasticsearch links.
one more thing I missed mentioning in my previous post, my elastic and kibana is in AWS EC2 instance and my filebeat is inside a docker container. I have allowed all/any connection to my container using this command, docker run -it --net=host imageid bash
If you would like to keep using nginx you just need to identify what path you've put the kibana api behind, like http://nginx:80/kibanaapi and then set setup.kibana.path to that path for example: setup.kibana.path: kibanaapi
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.