Hi,
I installed Elastic, Kibana and Heartbeat as instructed. All 7.4, Ubuntu 18.04 and all working fine.
With Filebeat, on another Ubuntu I installed Filebeat and this is can't connect to Elastic: "Connection refused". There are many posts on the internet, any old. I tried network.host: 0.0.0.0, but then Elastic won't (re)start.
It's all internal network.
That's the way to go.
Hopefully, when elasticsearch does not start it gives you some logs.
A wild guess is that you are hitting a bootstrap check issue. In which case please read Bootstrap Checks | Elasticsearch Guide [8.11] | Elastic
Thanks for your quick answer! With that option elastic is starting.
Some steps further now. An error ocucuring in the next steps I will investigate first like with: filebeat setup -e, error in Kibana. Will try first myself.
Thanks a lot!
Hi David,
Filebeat is running now and a lot of syslog events (from my syslog server) are coming in. Compared to splunk, the same amount so that's running fine. Thanks!
Something is still wrong with 'filebeat set -e'. I think somewhere in the install scripts/config files there are some http:/localhost:9200 left
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.