Kibana stops working once winlogbeat starts

SSP · December 23, 2020, 2:46pm

Hello,

I'm new to the whole ELK stack, followed the setup instructions/guidance and installed on CentOS 8.
Java, NGINX, Elasticsearch, Kibana and logstash installed successfully, I'm able to reach the kibana web interface and all services are running on the machine. My issue started after Winlogbeat was installed, and configured according to the instructions, on a windows server 2012 R2 , a few moments after winlogbeat service starts on this server, it seems like Kibana crashes and I'm not able to access the webUI, if I wanted to restart the ELK processes, they hang-up and never restart.

there are no logs in the default location where Kibana is supposed to create the logs file, and if I configure that manually, the service does not start. I was wondering if someone could help me review the config/YML files. (although there hasn't been any major changes from those that are set by default.)

help is much appreciated.

AClerk · December 23, 2020, 11:09pm

When service not starting, what is the error?
Try the following:

Create the log directory manually

mkdir /var/log/kibana

Configure in kibana.yml

logging.dest: /var/log/kibana/

And give write permissions

chmod...
chown...

warkolm · December 24, 2020, 5:25am

Welcome to our community!

If you have errors, please post them. Please format your code/logs/config using the </> button, or markdown style back ticks. It helps to make things easy to read which helps us help you.

Also you shouldn't need nginx to setup the stack, that's a bit of a legacy thing from what I have seen.

system · January 21, 2021, 5:25am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.