Hey all,
I have an Ubuntu VM running Elasticsearch and Kibana, and I'm trying to use Filebeat OSQuery module to pass OSQuery data to Elasticsearch. I enabled the OSQuery module on my client macOS system and am trying to run the initial setup:
./filebeat setup --modules=osquery
However, no matter what I try, I get the following:
Loaded index template
Exiting: Error importing Kibana dashboards: fail to create the Kibana loader: Error creating Kibana client: fail to get the Kibana version:HTTP GET request to /api/status fails: fail to execute the HTTP GET request: Get http://172.16.16.23:5601/api/status: dial tcp 172.16.16.23:5601: getsockopt: connection refused. Response: .
So it seems to connect to Elasticsearch just fine, but never Kibana. Firewall is turned of on both now for testing, just FYI.
I'm running the latest versions of everything.
Missing something?