Running two separate elasticsearch one for an elk install and another for a network analysis toolset. The plan was to ship the network logs from the network tool to elk for further AI capabilities. However, the logstash is throwing this error on the network tool.
logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elastic:xxxxxx@0.0.0.0:9201/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@0.0.0.0:9201/][Manticore::SocketException] Connection refused (Connection refused)"}
The current configuration is being tested in a dev environment. Both entities are configured for SSL and using the same self-signed cert. I configured the external password into the Keystore. both instances are running fine independently but they just can't talk to each other.
The docker for both entities has separate networks but the elk stack is configured with open ports.
elasticsearch:elastdocker-7.13.3 0.0.0.0:9201->9200/tcp, :::9201->9200/tcp
I am not sure what the next steps are.