Hello,
I need your assistance. I set up an Elastic cluster using the enrollment token method, including Kibana, and everything is working correctly the data nodes have their respective roles, etc.
The issue is with the Fleet Server. It is not sending information, and it seems to be a certificate problem. It should be writing to x.x.x.x:9200, but as a result, no logs are being ingested. How can I resolve this issue?
You didn't show us how you installed the fleet server so we'd only be guessing.
You need to look at the logs...
And how you installed the fleet server
And the default elasticsearch output if the fleet settings you probably left it as the default and you need to put the actual IP address and or HTTPs into it
Perhaps look at this
--fleet-server-es=https://:….:9200 --fleet-server-service-token= --fleet-server-policy=fleet-server-policy --fleet-server-es-ca-trusted-fingerprint=********* --fleet-server-port=8220
Thank you very much for your response. When setting up the cluster with the enrollment token, the certificate handling should be taken care of automatically, correct?
I believe Fleet is not sending data to Elasticsearch because I haven’t specified a Certificate Authority. I cannot extract the password from the OpenSSL PKCS12 becauseall the nodes done automatically,by enrollment token method.
I find solution it was role problem which one came from YAML file, thank you so much @stephenb
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
