Incident Observability

Instale el stack de elk (elasticsearch, kibana, y por ultimo apm) version 8.x

Esto estado montado todo sobre un ec2 en aws. Pareciera que todo funcionara perfecto, pero cuando el problema que tengo es que cuando ingreso al kibana a la parte de Observability --> services, me devuelve a la pagina de Observability donde sale el mensaje de " Welcome to Elastic Observability!" sin arrojarme ningun error. Estoy perdido ya nose que revisar. Les comparto parte de mi configuracion.

y adjunto screen1: es donde me redirreciona cuando quiero ingresar por ejemplo a observavity --> services
screen2: Si ejecuto Launc APM, tambien me redirecciona al screen1

elasticsearch.yml:

Use a descriptive name for your cluster:

cluster.name: elastic-cluster

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

node.name: node-elk-1

Add custom attributes to the node:

#node.attr.rack: r1

By default Elasticsearch is only accessible on localhost. Set a different

address here to expose this node on the network:

#network.host: 192.168.0.1
network.host: 0.0.0.0

Enable security features

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12

Enable encryption and mutual authentication between cluster nodes

xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Create a new cluster with the current node only

Additional nodes can still join the cluster later

cluster.initial_master_nodes: ["ip-172-32-0-160"]

========

kibana.yml:

Kibana is served by a back end server. This setting specifies the port to use.

#server.port: 5601

Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.

The default is 'localhost', which usually means remote machines will not be able to connect.

To allow connections from remote users, set this parameter to a non-loopback address.

server.host: "0.0.0.0"

The Kibana server's name. This is used for display purposes.

server.name: "kibana-server"

=================== System: Elasticsearch ===================

The URLs of the Elasticsearch instances to use for all your queries.

elasticsearch.hosts: ["https://172.32.0.160:9200"]

If your Elasticsearch is protected with basic authentication, these settings provide

the username and password that the Kibana server uses to perform maintenance on the Kibana

index at startup. Your Kibana users still need to authenticate with Elasticsearch, which

is proxied through the Kibana server.

elasticsearch.username: "kibana_system"
elasticsearch.password: "prometeo2022"

Enables you to specify a path to the PEM file for the certificate

authority for your Elasticsearch instance.

elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/certs/http_ca.crt" ]

=========================================================

apm-server.yml:

output.elasticsearch:

Array of hosts to connect to.

Scheme and port can be left out and will be set to the default (http and 9200).

In case you specify and additional path, the scheme is required: http://localhost:9200/path.

IPv6 addresses should always be defined as: https://[2001:db8::1]:9200.

hosts: ["https://172.32.0.160:9200"]

Authentication credentials - either API key or username/password.

#api_key: "id:api_key"
username: "apm_server_user"
password: "apm2022"

List of root certificates for HTTPS server verifications.

#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
ssl.certificate_authorities: ["/etc/apm-server/certs/http_ca.crt"]


This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.