Fleet Server - Error - failed version compatibility check with elasticsearch: x509: certificate signed by unknown authority

Hello everyone,

Once again I am asking for your valuable help.

I have ELK installed for testing purposes before moving configurations to production. I am currently working with Logstash, Elasticsearch and Kibana on the same server.

I have been asked to install Elastic Agent, and with the help of a tutorial I have followed the steps of going to Kibana, going to Fleet and adding the server (which would also be on the same server where I have ELK).

Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:Y
[  ==] Service Started  [2s] Elastic Agent successfully installed, starting enrollment.
[==  ] Waiting For Enroll...  [4s] {"log.level":"info","@timestamp":"2024-08-27T20:22:57.918Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":434},"message":"Generating self-signed certificate for Fleet Server","ecs.version":"1.6.0"}
[    ] Waiting For Enroll...  [5s] {"log.level":"info","@timestamp":"2024-08-27T20:22:58.831Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":480},"message":"Restarting agent daemon, attempt 0","ecs.version":"1.6.0"}
[====] Waiting For Enroll...  [7s] {"log.level":"info","@timestamp":"2024-08-27T20:23:00.834Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":815},"message":"Waiting for Elastic Agent to start","ecs.version":"1.6.0"}
[====] Waiting For Enroll...  [11s] {"log.level":"info","@timestamp":"2024-08-27T20:23:04.839Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":865},"message":"Fleet Server - Error - failed version compatibility check with elasticsearch: x509: certificate signed by unknown authority","ecs.version":"1.6.0"}
[    ] Waiting For Enroll...  [2m5s] Error: fleet-server failed: timed out waiting for Fleet Server to start after 2m0s
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.14/fleet-troubleshooting.html
[  ==] Uninstalled  [2m6s] Error uninstalling. Printing logs
2024-08-27T20:24:59.145Z        DEBUG   [install]       Loaded configuration from /home/superuser/elastic-agent-8.14.3-linux-x86_64/elastic-agent-8.14.3-linux-x86_64/elastic-agent.yml
2024-08-27T20:24:59.145Z        DEBUG   [install]       Merged configuration from /home/superuser/elastic-agent-8.14.3-linux-x86_64/elastic-agent-8.14.3-linux-x86_64/elastic-agent.yml into result
2024-08-27T20:24:59.146Z        DEBUG   [install]       Merged all configuration files from [/home/superuser/elastic-agent-8.14.3-linux-x86_64/elastic-agent-8.14.3-linux-x86_64/elastic-agent.yml], no external input files
2024-08-27T20:24:59.146Z        DEBUG   [install.composable]    Starting controller for composable inputs
2024-08-27T20:24:59.146Z        DEBUG   [install.composable]    Started controller for composable inputs
2024-08-27T20:24:59.146Z        DEBUG   [install.composable]    kubernetes_secrets provider skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-08-27T20:24:59.146Z        DEBUG   [install.composable]    Kubernetes leaderelection provider skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-08-27T20:24:59.146Z        DEBUG   [install.composable.providers.kubernetes]       Kubernetes provider for resource pod skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-08-27T20:24:59.147Z        DEBUG   [install.composable.providers.kubernetes]       Kubernetes provider for resource node skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-08-27T20:24:59.146Z        DEBUG   [install.composable]    Variable state changed for composable inputs; debounce started
2024-08-27T20:24:59.148Z        INFO    [install.composable.providers.docker]   Docker provider skipped, unable to connect: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
2024-08-27T20:24:59.247Z        DEBUG   [install.composable]    Computing new variable state for composable inputs
2024-08-27T20:24:59.247Z        DEBUG   [install.composable]    Stopping controller for composable inputs
2024-08-27T20:24:59.347Z        DEBUG   [install.composable]    Stopped controller for composable inputs
Error: enroll command failed for unknown reason: exit status 1
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.14/fleet-troubleshooting.html

Elasticsearch.yml

discovery.type: single-node

# Enable security features
xpack.security.enabled: true

#xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: /etc/elasticsearch/certs/http.p12
#  keystore.password: elastic2020.

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: /etc/elasticsearch/certs/http.p12
  truststore.path: /etc/elasticsearch/certs/http.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
#cluster.initial_master_nodes: ["elkpruebas"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
#http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0

Thank you very much if you can help me.

I solved it by simply replacing the highlighted line in the image with the path of the security certificate I had generated for Elasticsearch.

I removed --fleet-server-es-ca-trusted-fingerprint
and added --fleet-server-es-ca with the path of the certificate for Elasticsearch.

curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.14.3-linux-x86_64.tar.gz
tar xzvf elastic-agent-8.14.3-linux-x86_64.tar.gz
cd elastic-agent-8.14.3-linux-x86_64
sudo ./elastic-agent install \
  --fleet-server-es=https://172.26.6.6:9200 \
  --fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE3MjQ4NTQxNzAwODk6cVlvWkEtQzhRb3FGRDhnVlgwc3Z3Zw \
  --fleet-server-policy=fleet-server-policy \
  --fleet-server-es-ca=/etc/elasticsearch/certs/certificado-ca.crt \
  --fleet-server-port=8220
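A check worth running before handing a CA file to `--fleet-server-es-ca`, as an added example that is not part of the original posts: it confirms with `openssl` that the CA actually signed the Elasticsearch HTTP certificate and prints the CA's SHA-256 fingerprint as bare hex (assumed here to be the form `--fleet-server-es-ca-trusted-fingerprint` takes). The PKI is a constructed throwaway one, and every file and function name is hypothetical.

```shell
# Added example: constructed throwaway PKI, not the poster's certificates.

# SHA-256 fingerprint of a certificate as bare hex (colons stripped).
ca_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2 | tr -d ':'
}

# Succeeds only if certificate $2 chains to the CA in $1 (else: unknown authority).
signed_by_ca() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Build a demo CA, an unrelated CA and an HTTP cert signed by the demo CA in $1.
make_demo_pki() {
  d=$1
  cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = demo-es-ca
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
  openssl req -x509 -config "$d/ca.cnf" -newkey rsa:2048 -nodes -days 1 \
    -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
  openssl req -x509 -config "$d/ca.cnf" -subj "/CN=other-ca" -newkey rsa:2048 \
    -nodes -days 1 -keyout "$d/other.key" -out "$d/other.crt" 2>/dev/null
  openssl req -new -config "$d/ca.cnf" -subj "/CN=es-http" -newkey rsa:2048 \
    -nodes -keyout "$d/http.key" -out "$d/http.csr" 2>/dev/null
  openssl x509 -req -in "$d/http.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -out "$d/http.crt" 2>/dev/null
}

# Report whether CA file $1 validates server certificate $2.
check_es_ca() {
  if signed_by_ca "$1" "$2"; then
    echo "ok $(ca_fingerprint "$1")"
  else
    echo "unknown authority"; return 1
  fi
}

tmp=$(mktemp -d)
make_demo_pki "$tmp"
check_es_ca "$tmp/ca.crt" "$tmp/http.crt"            # matching CA: ok + fingerprint
check_es_ca "$tmp/other.crt" "$tmp/http.crt" || true # wrong CA: unknown authority
```

On a real deployment, point `check_es_ca` at the CA file and a PEM copy of the certificate Elasticsearch serves on port 9200.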