I have searched all the other posts on this topic, but none of the other answers seemed to help resolve my problem.
My configuration is pretty simple. It's basically straight out of the documentation.
I have Elasticsearch and Kibana on a Linux server, IP address X.X.X.X.
I have a Windows client with winbeatlogin installed at IP address X.X.X.Y
Elasticsearch is configured to listen on localhost:9200 as per the install manual.
Winbeatlogin is configured to point to Kiban at X.X.X.X:5601
and to elasticseatch at http://X.X.X.X:9200 and I have added the username and
password for a local administrative user.
setup.kibana: host: "X.X.X.X:5601" output.elasticsearch: hosts: ["X.X.X.X:9200"] username: "admin_some.user" password: "xxxxxxxxx"
network.host: localhost http.port: 9200
when I run the
winlogbeat.exe.test outout, I get the following:
PS C:\Program Files\Winlogbeat> .\winlogbeat.exe test output elasticsearch: http://elastic-poc.aechelon.com:9200... parse url... OK connection... parse host... OK dns lookup... OK addresses: 10.0.5.65 dial up... ERROR dial tcp 10.0.5.65:9200: connectex: No connection could be made because the target machine actively refused it.
I have tried changing the
network.host in elasticsearch.yml to the IP address of the server, but whenever I do that elasticsearch refuses to start. I feel like I am missing something fundamental, but I'm not finding what I'm looking for in the documentation.
Any help would be appreciated.