Logstash not listening on port 5044

fastxl · September 6, 2019, 7:22pm

I have setup a ELK node that I want to send some logs to via WinLogBeats. Using Ubuntu 18 server. I can ping the node by the ip address and the FQDN, but when I do a Test-NetConnection via powershell it fails. When I do a netstat -an | grep 5044 I get nothing. My input file is

input {
   beats {
        port => 5044
}
   udp { 
        type => pfLogs
        port => 5140
 }
}

No firewall running. Not sure what to try.

spuder · September 6, 2019, 9:22pm

Try running netstat -plnt to show all listening services on the logstash server.

It could be that the service is not bound to a public ip.
It could be that it is only listening on ipv6

Post the output here.

fastxl · September 9, 2019, 1:53pm

Appears that it is listening on TCP6 but not TCP?

Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      678/node
    tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      534/systemd-resolve
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      726/sshd
    tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      745/nginx: master p
    tcp6       0      0 127.0.0.1:9600          :::*                    LISTEN      658/java
    tcp6       0      0 127.0.0.1:9200          :::*                    LISTEN      654/java
    tcp6       0      0 :::5044                 :::*                    LISTEN      658/java
    tcp6       0      0 127.0.0.1:9300          :::*                    LISTEN      654/java
    tcp6       0      0 :::22                   :::*                    LISTEN      726/sshd

After disabling IPV6 it seems to be listening on tcp 5044 now

    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 127.0.0.1:9200          0.0.0.0:*               LISTEN      650/java
    tcp        0      0 0.0.0.0:5044            0.0.0.0:*               LISTEN      667/java
    tcp        0      0 127.0.0.1:9300          0.0.0.0:*               LISTEN      650/java
    tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      533/systemd-resolve
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      707/sshd
    tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      738/nginx: master p
    tcp        0      0 127.0.0.1:9600          0.0.0.0:*               LISTEN      667/java
    tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      655/node

system · October 7, 2019, 1:53pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash port 5044 is not listening Logstash	4	2423	December 7, 2017
Logstash is not listening port 5044 Logstash	19	8020	May 16, 2022
Help Me Logstash Not Found 5044 Logstash	1	283	December 4, 2019
Logstash Cannot Listen Port 5044 after fresh install Logstash	3	601	January 5, 2022
Logstash not listening to 5044 Logstash	3	5034	July 29, 2021

Logstash not listening on port 5044

Related topics