kevinlin
(Kevin)
June 24, 2024, 6:00am
1
I have created:
Fleet output (Name: OutLogstash, Type: Logstash, with Server SSL CA, Client SSL cert, Client SSL key)
Fleet Agent policy (Name: WinAgentPolicy, Output for integrations: OutLogstash )
In WinAgentPolicy, add Windows AD
Unfortunately, Agent unhealthy cause by Elastic Defend - Elasticsearch connection failure
How to ask Elastic Defend to use Logstash as output?
lesio
(Leszek Kubik)
June 24, 2024, 12:36pm
2
As a first step run from elevated command line elastic-endpoint test output
"C:\Program Files\Elastic\Endpoint\elastic-endpoint.exe" test output
or
sudo /Library/Elastic/Endpoint/elastic-endpoint test output
or
/opt/Elastic/Endpoint/elastic-endpoint test output
and please do not forget to indicate your stack version when asking questions.
leandrojmp
(Leandro Pereira)
June 24, 2024, 12:38pm
3
Also, what is the license you are using? A paid license or the free basic license?
Do you have any other fleet output configured and being used?
1 Like
kevinlin
(Kevin)
June 25, 2024, 7:48am
4
This is really embarrassing. The test output says:
Logstash server: 172.19.171.160:5044
Status: OpenSSL library call failed
Agent become healthy after I re-paste Server SSL CA, Client SSL cert and Client SSL key in Logstash output again.
1 Like
system
(system)
Closed
July 23, 2024, 7:49am
5
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.