/etc/filebeat/filebeat.yml
filebeat:
prospectors:
-
paths:
- /var/log/auth.log
- /var/log/syslog
# - /var/log/*.log
input_type: log
document_type: syslog
registry_file: /var/lib/filebeat/registry
output:
logstash:
hosts: ["10.33.30.76:5044"]
bulk_max_size: 1024
tls:
certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"]
certificate_key: ["/etc/pki/tls/private/logstash-forwarder.key"]
shipper:
logging:
files:
rotateeverybytes: 10485760 # = 10MB
/usr/share/filebeat/bin/filebeat -c /etc/filebeat/filebeat.yml -e -v
ERR Failed to publish events caused by: read tcp 10.33.255.24:55308->10.33.30.76:5044: i/o timeout
INFO Error publishing events (retrying): read tcp 10.33.255.24:55308->10.33.30.76:5044: i/o timeout
ERR SSL client failed to connect with: read tcp 10.33.30.73:34521->10.33.30.76:5044: i/o timeout
I need anybody's help.
How can I create certificate