Hello,
I just installed newest Elastic SIEM on my system. All seems fine at this moment. I have filebeat set up on the server etc.
But when I try endpoint security then I run into a problem and I get an error that I can not find how to solve:
siem@siem:~/elastic-agent-8.1.0-linux-x86_64$ sudo ./elastic-agent install \
> --fleet-server-es=http://172.23.27.98:9200 \
> --fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDY4MjU0NTQ2NzU6V09RbURVak9RMy0tUG0yeVZ2b3ZtUQ \
> --fleet-server-policy=34da2970-9f9c-11ec-83d5-65e20cafef36 \
> --fleet-server-insecure-http
Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:y
{"log.level":"info","@timestamp":"2022-03-09T11:31:10.254Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":744},"message":"Waiting for Elastic Agent to start Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-03-09T11:31:12.256Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":777},"message":"Fleet Server - Starting","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-03-09T11:31:16.260Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":777},"message":"Fleet Server - Error - failed version compatibility check with elasticsearch: unsupported version","ecs.version":"1.6.0"}
Error: fleet-server failed: context canceled
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.1/fleet-troubleshooting.html
Error: enroll command failed with exit code: 1
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.1/fleet-troubleshooting.html
siem@siem:~/elastic-agent-8.1.0-linux-x86_64$
What is "Fleet Server - Error - failed version compatibility check with Elasticsearch: unsupported version","ecs.version":"1.6.0"" error I do not know.
I have gone through same installation a lot of times and never I have received this error once.
Please help me how to fix it.