Hi i have set up elk on centos machine
my client is a ubuntu machine
all the service are running but when i try to send logs to my elk server filebeat log reports error
INFO Error publishing events (retrying): read tcp clientip->hostip read: connection reset by peer
filebeat - 5.4
Can you dump your conf files here? at least for filebeat.
The error explains that it couldn't connect to elasticsearch, it should be running in http://localhost:9200 by default, can you check it's working first?
the problem was resolved actually the new version of elk and filebeat don't support tls ,instead tls certificates are now defined in ssl certificate section
thank for the help elk team
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.