Fleet Server Problems

Hello,

I just installed newest Elastic SIEM on my system. All seems fine at this moment. I have filebeat set up on the server etc.

But when I try endpoint security then I run into a problem and I get an error that I can not find how to solve:

siem@siem:~/elastic-agent-8.1.0-linux-x86_64$ sudo ./elastic-agent install   \
>   --fleet-server-es=http://172.23.27.98:9200 \
>   --fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDY4MjU0NTQ2NzU6V09RbURVak9RMy0tUG0yeVZ2b3ZtUQ \
>   --fleet-server-policy=34da2970-9f9c-11ec-83d5-65e20cafef36 \
>   --fleet-server-insecure-http
Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:y
{"log.level":"info","@timestamp":"2022-03-09T11:31:10.254Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":744},"message":"Waiting for Elastic Agent to start Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-03-09T11:31:12.256Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":777},"message":"Fleet Server - Starting","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-03-09T11:31:16.260Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":777},"message":"Fleet Server - Error - failed version compatibility check with elasticsearch: unsupported version","ecs.version":"1.6.0"}
Error: fleet-server failed: context canceled
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.1/fleet-troubleshooting.html
Error: enroll command failed with exit code: 1
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.1/fleet-troubleshooting.html
siem@siem:~/elastic-agent-8.1.0-linux-x86_64$

What is "Fleet Server - Error - failed version compatibility check with Elasticsearch: unsupported version","ecs.version":"1.6.0"" error I do not know.

I have gone through same installation a lot of times and never I have received this error once.

Please help me how to fix it.

Debugging currently happens in this issue: Elastic Fleet Server problem · Issue #1210 · elastic/fleet-server · GitHub Lets keep the conversation in a single place.

Hello.
I have resolved this one. This was due to my shit knowledge and lack of work with Elastic products (just started to learn).

When installed new 8.1 version and connected with Kibana I did for some reason put httpS<< in fleet server URL and then there was a problem with those versions and I guess certificates as well. Now it works for me at least. Thanks!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.