Thank you Dave for your reply and suggestion. Do I need to open 9200 port ?
I am trying to install standalone Elastic agent in my laptop and would feed the log files locally and then run indexing and search in Kibana to view the data there.
Here are the steps I tried:
- Installed Elastic agent in Standalone mode in my windows machine - followed the steps from Elastic
- Made changes to elastic-agent.yml file. I am not sure how to create api_key for windows, so kept as is, here are the entries from it:
outputs:
default:
type: elasticsearch
hosts: [127.0.0.1:9200]
api_key: "example-key"
#username: "elastic"
#password: "changeme"
#preset: balanced
# Here you can configure your list of inputs. You can either configure all the inputs as a list of arrays
# or create an "inputs.d" directory containing your input configurations.
# See https://www.elastic.co/guide/en/fleet/current/elastic-agent-configuration.html for how to structure the "inputs.d" directory.
inputs:
- id: test
type: filestream
streams:
- id: teststream
data_stream:
dataset: commercedata
paths:
- /var/log/your-logs.log
Let me paste the logs here, this is post running the elastic-agent.exe as SU in power shell.
{"log.level":"error","@timestamp":"2024-03-14T17:47:12.691+0530","message":"Failed to connect to backoff(elasticsearch(http://127.0.0.1:9200)): Get \"http://127.0.0.1:9200\": dial tcp 127.0.0.1:9200: connectex: No connection could be made because the target machine actively refused it.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"http/metrics-monitoring","type":"http/metrics"},"log":{"source":"http/metrics-monitoring"},"log.logger":"publisher_pipeline_output","log.origin":{"file.line":148,"file.name":"pipeline/client_worker.go","function":"github.com/elastic/beats/v7/libbeat/publisher/pipeline.(*netClientWorker).run"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-03-14T17:47:12.691+0530","message":"Attempting to reconnect to backoff(elasticsearch(http://127.0.0.1:9200)) with 5 reconnect attempt(s)","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"http/metrics-monitoring","type":"http/metrics"},"log":{"source":"http/metrics-monitoring"},"log.logger":"publisher_pipeline_output","log.origin":{"file.line":139,"file.name":"pipeline/client_worker.go","function":"github.com/elastic/beats/v7/libbeat/publisher/pipeline.(*netClientWorker).run"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2024-03-14T17:47:14.731+0530","message":"Error dialing dial tcp 127.0.0.1:9200: connectex: No connection could be made because the target machine actively refused it.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"http/metrics-monitoring","type":"http/metrics"},"log":{"source":"http/metrics-monitoring"},"service.name":"metricbeat","network":"tcp","address":"127.0.0.1:9200","ecs.version":"1.6.0","log.logger":"esclientleg","log.origin":{"file.line":38,"file.name":"transport/logging.go","function":"github.com/elastic/elastic-agent-libs/transport.LoggingDialer.func1"},"ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2024-03-14T17:47:15.302+0530","message":"Failed to connect to backoff(elasticsearch(http://127.0.0.1:9200)): Get \"http://127.0.0.1:9200\": dial tcp 127.0.0.1:9200: connectex: No connection could be made because the target machine actively refused it.","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-monitoring","type":"filestream"},"log":{"source":"filestream-monitoring"},"log.logger":"publisher_pipeline_output","log.origin":{"file.line":148,"file.name":"pipeline/client_worker.go","function":"github.com/elastic/beats/v7/libbeat/publisher/pipeline.(*netClientWorker).run"},"service.name":"filebeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-03-14T17:47:15.302+0530","message":"Attempting to reconnect to backoff(elasticsearch(http://127.0.0.1:9200)) with 6 reconnect attempt(s)","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-monitoring","type":"filestream"},"log":{"source":"filestream-monitoring"},"service.name":"filebeat","ecs.version":"1.6.0","log.logger":"publisher_pipeline_output","log.origin":{"file.line":139,"file.name":"pipeline/client_worker.go","function":"github.com/elastic/beats/v7/libbeat/publisher/pipeline.(*netClientWorker).run"},"ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2024-03-14T17:47:17.355+0530","message":"Error dialing dial tcp 127.0.0.1:9200: connectex: No connection could be made because the target machine actively refused it.","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-monitoring","type":"filestream"},"log":{"source":"filestream-monitoring"},"service.name":"filebeat","address":"127.0.0.1:9200","ecs.version":"1.6.0","log.logger":"esclientleg","log.origin":{"file.line":38,"file.name":"transport/logging.go","function":"github.com/elastic/elastic-agent-libs/transport.LoggingDialer.func1"},"network":"tcp","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-03-14T17:47:33.795+0530","message":"Non-zero metrics in the last 30s","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"beat/metrics-monitoring","type":"beat/metrics"},"log":{"source":"beat/metrics-monitoring"},"log.logger":"monitoring","log.origin":{"file.line":187,"file.name":"log/log.go","function":"github.com/elastic/beats/v7/libbeat/monitoring/report/log.(*reporter).logSnapshot"},"service.name":"metricbeat","monitoring":{"ecs.version":"1.6.0","metrics":{"beat":{"cpu":{"system":{"ticks":1421,"time":{"ms":15}},"total":{"ticks":2186,"time":{"ms":15},"value":2186},"user":{"ticks":765}},"info":{"ephemeral_id":"c9723cfb-fb16-4ac0-8519-9915208496a7","uptime":{"ms":109710},"version":"8.12.2"},"memstats":{"gc_next":51510880,"memory_alloc":38719120,"memory_total":50365736,"rss":88666112},"runtime":{"goroutines":47}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"active":0}},"pipeline":{"clients":2,"events":{"active":0}}}}},"ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-03-14T17:47:33.795+0530","message":"Non-zero metrics in the last 30s","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"http/metrics-monitoring","type":"http/metrics"},"log":{"source":"http/metrics-monitoring"},"service.name":"metricbeat","monitoring":{"ecs.version":"1.6.0","metrics":{"beat":{"cpu":{"system":{"ticks":1187},"total":{"ticks":2108,"time":{"ms":15},"value":2108},"user":{"ticks":921,"time":{"ms":15}}},"info":{"ephemeral_id":"74d82424-619e-4099-9f05-f9b59793dcc5","uptime":{"ms":109725},"version":"8.12.2"},"memstats":{"gc_next":44969680,"memory_alloc":36668008,"memory_total":51597680,"rss":88752128},"runtime":{"goroutines":53}},"libbeat":{"config":{"module":{"running":3}},"output":{"events":{"active":0}},"pipeline":{"clients":3,"events":{"active":6,"published":3,"retry":3,"total":3}}},"metricbeat":{"http":{"json":{"events":3,"success":3}}},"system":{"handles":{"open":2}}}},"log.logger":"monitoring","log.origin":{"file.line":187,"file.name":"log/log.go","function":"github.com/elastic/beats/v7/libbeat/monitoring/report/log.(*reporter).logSnapshot"},"ecs.version":"1.6.0"}