Help with kibana and elastic-agent no work

i have elasticsearch kibana and elastic-agent installed ok.

but elastic-agent not work in kibana, I ALWAYS SAY LISTENING FOR AGENT WHEN I GO TO CLICK ADD AGENT. IN STEP 3 IN INTEGRATION POLICIE CONFIRM AGENT ENROLLMENT, I AM TRYING TO INSTALL SURICATA HERE IN KIBANA BUT I AM NOT SUCCESSFUL, ON PC IT IS WORKING.

sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/lib/systemd/system/elasticsearch.service; enabled; vendor>
Active: active (running) since Wed 2023-01-04 10:57:24 WET; 3h 24min ago
Docs: https://www.elastic.co
Main PID: 28810 (java)
Tasks: 93 (limit: 9240)
Memory: 4.2G
CPU: 23min 43.690s
CGroup: /system.slice/elasticsearch.service
├─28810 /usr/share/elasticsearch/jdk/bin/java -Xms4m -Xmx64m -XX:+>
├─28870 /usr/share/elasticsearch/jdk/bin/java -Des.networkaddress.>
└─28892 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux->

sudo systemctl status kibana
● kibana.service - Kibana
Loaded: loaded (/lib/systemd/system/kibana.service; enabled; vendor preset>
Active: active (running) since Wed 2023-01-04 09:02:14 WET; 5h 19min ago
Docs: https://www.elastic.co
Main PID: 1186 (node)
Tasks: 11 (limit: 9240)
Memory: 314.4M
CPU: 11min 3.376s
CGroup: /system.slice/kibana.service
└─1186 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bi>

sudo systemctl status elastic-agent

● elastic-agent.service - Elastic Agent is a unified agent to observe, monitor >
Loaded: loaded (/etc/systemd/system/elastic-agent.service; enabled; vendor>
Active: active (running) since Wed 2023-01-04 09:01:31 WET; 5h 20min ago
Main PID: 854 (elastic-agent)
Tasks: 79 (limit: 9240)
Memory: 229.7M
CPU: 13min 55.694s
CGroup: /system.slice/elastic-agent.service
├─ 854 /opt/Elastic/Agent/elastic-agent
├─ 1120 /opt/Elastic/Agent/data/elastic-agent-0e1a73/install/fileb>
├─ 1181 /opt/Elastic/Agent/data/elastic-agent-0e1a73/install/metri>
├─ 1199 /opt/Elastic/Agent/data/elastic-agent-0e1a73/install/fileb>
├─ 1220 /opt/Elastic/Agent/data/elastic-agent-0e1a73/install/metri>
└─28982 /opt/Elastic/Agent/data/elastic-agent-0e1a73/install/fleet>

Please don't use all caps, it's considered rude and can be difficult to read.

It'd be good if you could share some logs from Kibana or some screenshots showing what is happening.

thank you

here is screenshot

number 3 confirm agent enrollment stay ever in listening for agent

Captura de ecrã de 2023-01-05 09-47-36.png1366×768 143 KB

sorry forgot kibana log

(Attachment log_kibana is missing)

sorry forget log kibana, log is on /var/log/kibana

{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:31.837+00:00","message":"Installed resources for index .alerts-observability.metrics.alerts","log":{"level":"INFO","logger":"plugins.ruleRegistry"},"process":{"pid":1171},"trace":{"id":"d840a6164f1c5dfb6e3cd22aa0b13dc1"},"transaction":{"id":"6131725c59016996"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:31.839+00:00","message":"Installed resources for index .preview.alerts-security.alerts","log":{"level":"INFO","logger":"plugins.ruleRegistry"},"process":{"pid":1171},"trace":{"id":"d840a6164f1c5dfb6e3cd22aa0b13dc1"},"transaction":{"id":"6131725c59016996"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:34.616+00:00","message":"Fleet setup completed","log":{"level":"INFO","logger":"plugins.fleet"},"process":{"pid":1171},"trace":{"id":"89380635b2449bda28933c2c68cd231e"},"transaction":{"id":"03841e1e5a05f81c"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:35.196+00:00","message":"Dependent plugin setup complete - Starting ManifestTask","log":{"level":"INFO","logger":"plugins.securitySolution"},"process":{"pid":1171},"trace":{"id":"89380635b2449bda28933c2c68cd231e"},"transaction":{"id":"03841e1e5a05f81c"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:35.314+00:00","message":"Installed synthetics index templates","log":{"level":"INFO","logger":"plugins.synthetics"},"process":{"pid":1171},"trace":{"id":"89380635b2449bda28933c2c68cd231e"},"transaction":{"id":"03841e1e5a05f81c"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:42.773+00:00","message":"Kibana is now available (was degraded)","log":{"level":"INFO","logger":"status"},"process":{"pid":1171},"trace":{"id":"759814578b4f3fc78dd53594dbf07e7a"},"transaction":{"id":"17810226225efb9d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:47.193+00:00","message":"Kibana is now degraded (was available)","log":{"level":"INFO","logger":"status"},"process":{"pid":1171},"trace":{"id":"8488333f81023df071be6e9f82e9fd35"},"transaction":{"id":"c6af0a8ad9416714"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:47.196+00:00","message":"Task ML:saved-objects-sync-task: No ML saved objects in need of synchronization","log":{"level":"INFO","logger":"plugins.ml"},"process":{"pid":1171},"trace":{"id":"89380635b2449bda28933c2c68cd231e"},"transaction":{"id":"efeaf9c76871a147"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2023-01-05T11:29:52.784+00:00","message":"Kibana is now available (was degraded)","log":{"level":"INFO","logger":"status"},"process":{"pid":1171},"trace":{"id":"89380635b2449bda28933c2c68cd231e"},"transaction":{"id":"efeaf9c76871a147"}}

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.