Hi,
TLS is not enabled on the filebeat or logstash config and im seeing the below error when trying to ingest logs from a fllebeats agent:
[2020-03-16T13:12:20,101][INFO ][org.logstash.beats.BeatsHandler][main] [local: 10.142.43.22:5044, remote: 10.142.32.56:55350] Handling exception: org.logstash.beats.InvalidFrameProtocolException: Invalid version of beats protocol: 71
[2020-03-16T13:12:20,104][WARN ][io.netty.channel.DefaultChannelPipeline][main] An exceptionCaught() event was fired, and it reached at the tail of the pipeline. It usually means the last handler in the pipeline did not handle the exception.
Another error follows but with Invalid version of beats protocol: 69
Logstash Version: 7.6.1 Tried AmazonLinux and Ubuntu 18.04
Filebeats Version 7.6.1 AmazonLinux & Win2019 (also tried 7.4.0 on AmazonLinux)
Filebeat config:
#----------------------------- Logstash output --------------------------------
#output.logstash:
The Logstash hosts
hosts: ["http://10.142.43.22:5044"]
Optional SSL. By default is off.
List of root certificates for HTTPS server verifications
#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
Certificate for SSL client authentication
#ssl.certificate: "/etc/pki/client/cert.pem"
Client Certificate Key
#ssl.key: "/etc/pki/client/cert.key"
Logstash Config:
input {
beats {
port => 5044
}
}
A curl test triggers the same error.
Have also configured TLS, verified certs with openssl and get the same errors with TLS enabled.
Enabled debug logging but it didnt provide any further clues as to the cause of the issue from what i could tell.
Any assistance on this would be greatly appreciated.
Cheers
Sam
