Logstash Forwarder Error in Windows

rameeelastic · July 8, 2015, 11:23am

Hi All

I am running ELK stack on windows OS , below is the versions
ElasticSearch -- 1.6.0
LogStash -- 1.5.2
Kibana -- 4.1.1

I am trying to push logs from local windows laptop to ELK windows server using logstash forwarder.
I am getting the below error

2015/07/08 16:43:29.617042 Connecting to [0.I0.17.48]:135 (0.10.17.48)
2015/07/08 16:43:59.641515 Failed to tls handshake with 0.10.17.48 WSARecv t
cp 1.20.9.8:49657: i/o timeout

Below is the logstash forwarder conf file entry

{
"network": {
"servers": [ "0.I0.17.48:135" ],
"timeout": 30,
"ssl ca": "C:\Samples\ELK\certificates\certificate.crt"
},

The list of files configurations

"files": [
{
"paths": [
"C:/Samples/ELK/TestLogs/testiis.log"
],
"fields": { "type": "iis" }
}
]
}

Not sure why this error is occurring . On the Server the Logstash conf is having input pointed to a file.
Do i need to change the input to tcp ?

warkolm · July 8, 2015, 11:26am

I'd check your SSL setup first, make sure everything is 100%.

rameeelastic · July 16, 2015, 11:48am

That was it , I had to create a certificate with proper IP SAN details.
Thanks

ShraddhaBandhakavi · November 26, 2015, 5:27am

hi please help me how to install logstash forwarder on windows

warkolm · November 26, 2015, 8:33pm

Please start your own thread.