I have installed filebeat in a docker machine and trying to connect to ELK server but i get below error
[tomluser@tomlvmtest etc]$ sudo systemctl status filebeat
● filebeat.service - filebeat
Loaded: loaded (/usr/lib/systemd/system/filebeat.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2017-12-06 05:56:36 UTC; 2s ago
Docs: https://www.elastic.co/guide/en/beats/filebeat/current/index.html
Main PID: 62152 (filebeat)
CGroup: /system.slice/filebeat.service
└─62152 /usr/bin/filebeat -c /etc/filebeat/filebeat.yml
Dec 06 05:56:36 tomlvmtest systemd[1]: Started filebeat.
Dec 06 05:56:36 tomlvmtest systemd[1]: Starting filebeat...
Dec 06 05:56:36 tomlvmtest /usr/bin/filebeat[62152]: transport.go:125: SSL client failed to connect with: dial tcp 10.0.0.7:5044: getsockopt: connection refused
Dec 06 05:56:36 tomlvmtest /usr/bin/filebeat[62152]: transport.go:125: SSL client failed to connect with: dial tcp 10.0.0.7:5044: getsockopt: connection refused
Dec 06 05:56:37 tomlvmtest /usr/bin/filebeat[62152]: transport.go:125: SSL client failed to connect with: dial tcp 10.0.0.7:5044: getsockopt: connection refused
It works fine when I install filebeat in ELK server and put IP address as localhost. I believe its the IP/port issue. But port 5044 is already open both ways.
I am also able to ping to the ip address from vm.
Please advise.