Monitoring logstash with port 9600


#1

Hi,
I am running logstash 5.6.4 and I have set
http.port: 9600-9700
in my logstash.yml configuration file.
On the logstash server, all is fine

$ telnet 127.0.0.1 9600
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.

but an another server cannot check the port 9600

$ telnet ud0tx057 9600
Trying 126.246.159.200...
telnet: connect to address 126.246.159.200: Connection refused

but ping and ssh are OK
What's wrong ?
does it exist a netmask to allow/block the other servers ?

thanks for your tips


#2

Does 'telnet 126.246.159.200 9600' work on the server itself? Do you have http.host set to 127.0.0.1? If you do 'netstat -an | grep 9600' then what do you get?


#3

On the server itself, 'telnet 126.246.159.200 9600' does not work

telnet 126.246.159.200 9600
Trying 126.246.159.200...
telnet: connect to address 126.246.159.200: Connection refused

fgrep http. /etc/logstash/logstash.yml
http.host: "127.0.0.1"
http.port: 9600-9700

netstat -an | grep 9600
tcp 0 0 127.0.0.1:9600 0.0.0.0:* LISTEN


#4

OK, so you have http.host set to 127.0.0.1, which is referred to as "localhost". It is only accessible from the server itself. Change http.host to be 126.246.159.200 and anyone will be able to access it remotely.

I cannot speak to the security implications of exposing your monitoring ports to remote access.


#5

thanks, it works


(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.