First of all I would like to say Hello I would like to say that I'm new in Elastic topics - I need help.
I installed elastic search and graylog for collecting logs from linux environment. I have many linux servers where I already installed graylog-sidecar and auditbeats. My servers are available in graylog sidecars tab. I have simple configuration for auditbeats assigned to the linux machines (assigned from graylog).
Unfortunatelly I don't see any logs in graylog . On all linux machines I see error ERRO[0040] [auditbeat] Unable to validate configuration, timeout reached.
[root@server auditbeat]# graylog-sidecar
INFO[0000] Using node-id: f177ab57-6e9d-41ae-94ba-3050dde1234
INFO[0000] Starting signal distributor
INFO[0010] Adding process runner for: auditbeat
INFO[0010] [auditbeat] Configuration change detected, rewriting configuration file.
ERRO[0040] [auditbeat] Unable to validate configuration, timeout reached.
How I can check why my configuration is unable to validate?
Thanks in advanced