I am trying to configure Logstash for my network. I am trying to forward logs from a Windows Server 2012 machine via Winlogbeat to my CentOS 7 server's Logstash instance, and from there into my Elasticsearch. This somehow doesn't work. I can start Logstash, but it's not doing anything.
This is my Logstash configuration file:

    input {
      beats {
        port => 5044
      }
    }
    output {
      elasticsearch {
        hosts => ["http://192.168.0.86:9200"]
        index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
        #user => "elastic"
        #password => "changeme"
      }
    }

And this is my winlogbeat.yml:

    winlogbeat.event_logs:
      - name: System
    output.logstash:
      hosts:
        - 192.18.0.86:5044
    logging.to_files: true
    logging.files:
      path: C:/ProgramData/winlogbeat/Logs
    logging.level: info

I can make a connection to my CentOS server from my Windows server, and the port is open as well. So it's not a connection problem.
I am totally new to ELK and I don't really know where to start troubleshooting.