This is a really basic question, but I have done some googling with no positive results.
I just spun up an install of winlogbeat using the instructions in the configuration documentation. It was all fine and dandy, and is now running.
My issue is that my logs are not being shipped to my elasticsearch instance. I have no TLS enabled. Here is the error I am seeing in the logs:
2016-04-13T18:23:35Z DBG ES Ping(url=http://10.8.112.215:9200/tmp/winlogbeat, timeout=1m30s)
2016-04-13T18:23:35Z DBG Ping request failed with: 404 Not Found
When I try to access this URL, I get the following:
{"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"No feature for name [winlogbeat]"}],"type":"illegal_argument_exception","reason":"No feature for name [winlogbeat]"},"status":400}
Here is my winlogbeat.yml (relevant portion):
output:
  ### Elasticsearch as output
  elasticsearch:
    hosts: ["10.8.112.215"]
So my elasticsearch is available, but the feature winlogbeat is not available. Did I miss some simple config somewhere in the setup?
For the record, I already have logstash running on the same box as Elasticsearch with no issues.
Thanks in advance!