I use Filebeat 7.4 and Kibana 7.3.2 . Filebeat receive cleanly the log. But he don't forwad to Kibana.
When I do : filebeat setup
I have this result :
Index setup finished.
Loading dashboards (Kibana must be running and reachable)
Exiting: error connecting to Kibana: fail to get the Kibana version: HTTP GET request to http://172.17.2.9:5601/api/status fails: fail to execute the HTTP GET request: Get http://172.17.2.9:5601/api/status: dial tcp 172.17.2.9:5601: connect: connection refused. Response: .
do you see anything in Kibana logs? can you connect to Kibana from where Beat is running? can you verify that Kibana is in fact listening on specified port on that URL?
As per above error it is clear that your kibana server is not reachable from that machine where you installed filebeat and trying to rin filebeat setup.
Can you please try below command on machine where you run filebeat setup:
telnet 172.17.2.9 5601
If you are not able to telnet then check your firewall rule and kibana service.
According to this output your kibana is running on localhost. You need to run it over internal IP (private ip) then it will be reachable from beat machine. If both machine are not reachable then contact your system admin team they will help you in reach ability of both machine.
@Jonathan_Sieger, did you restart the filebeat service after making changes in filebeat.yml file?
If yes, please provide log from filebeat because service status is not enough to troubleshoot the issue log may give some lead.
I resolve my issue, the filebeat.yml was not properly configured with my last version of elasticsearch and my app Wazuh in Kibana. Thanks you for your help.
But after the upgrade, Elasticsearch and Kibana use the CPU at 122%.. I have 8 Go RAM and 2 vCPU. I add more CPU ?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.