Sending Beat data from AWS to a server with a private IP

Hi Team,

I am new to this. I need to get the Windows Event Logs from the AWS cloud to my VMware Ubuntu Logstash server.

I am not able to connect to my Ubuntu Logstash server (private IP) from an AWS Windows cloud instance (public IP).

  • Logstash IP is a private IP
  • AWS cloud IP is a public IP

We created a rule in my firewall (allow port 5044 publicly) to receive logs.

Find below my configuration:

winlogbeat.event_logs:
- name: Security
  ignore_older: 2h
  event_id: 4727, 4731, 4754, 4726
- name: Application
  ignore_older: 2h
- name: Security
  ignore_older: 2h

output.logstash:
  hosts: ["192.168.6.103:5044"]
  bulk_max_size: 1024
  index: winlogbeat
  ssl:
    certificate_authorities: ["C:/ProgramData/winlogbeat/logstash-forwarder.crt"]

logging.to_files: true
logging.files:
  path: C:/ProgramData/winlogbeat/Logs
logging.level: debug

Find below the error from Winlogbeat (AWS instance, Windows 2008 R2 server).

2017-04-10T02:58:50+01:00 ERR Connecting error publishing events (retrying): dial tcp 192.168.6.103:5044: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2017-04-10T02:58:50+01:00 DBG send fail

It's urgent; your previous post was nice.

Thanks,

Balasubramaniam.A.G

This is not a beats problem, this is a networking issue.
Unless you can provide a way for the Azure host to reach into that local network, you won't get anywhere.

Hi Warkolm,

Thanks for your reply. Will it work only on an Azure host, not on an AWS host?
Will it work only on Azure?

I meant AWS, sorry.

Hi Warkolm,

Thanks for your reply,

I assume that it was a network issue. Please suggest what I can do for the network.
What is the way to resolve my network issue? Once it is resolved, I will put the server in production in my office.

A VPN may solve it.
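
Added example, not posted by anyone in this thread: a pre-flight check that reads the `hosts` entries from `output.logstash` and flags addresses that cannot be reached from outside their own network, which is the failure the Winlogbeat error above shows. The function names and the `sender_on_same_network` and `probe` parameters are assumptions made for this sketch.

```python
import ipaddress
import socket

def split_host_port(entry, default_port=5044):
    """Split a 'host:port' or '[ipv6]:port' entry from output.logstash hosts."""
    if entry.startswith("["):
        host, _, rest = entry[1:].partition("]")
        port = rest.lstrip(":")
    elif entry.count(":") == 1:
        host, _, port = entry.partition(":")
    else:
        host, port = entry, ""  # bare hostname/IPv4, or unbracketed IPv6
    return host, int(port) if port else default_port

def classify(host):
    """'not-internet-routable', 'public', or 'hostname' (needs DNS on the sender)."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"
    # is_global is False for RFC 1918, loopback, link-local and similar ranges
    return "public" if addr.is_global else "not-internet-routable"

def can_connect(host, port, timeout=3.0):
    """TCP connect with a short timeout; True only if the handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def preflight(hosts, sender_on_same_network=False, probe=False):
    """Return (entry, verdict) pairs for each configured Logstash host."""
    results = []
    for entry in hosts:
        host, port = split_host_port(entry)
        if classify(host) == "not-internet-routable" and not sender_on_same_network:
            verdict = "unreachable from outside its network: needs VPN or private link"
        elif probe:
            verdict = "tcp ok" if can_connect(host, port) else "tcp connect failed"
        else:
            verdict = "not ruled out by address: probe from the sender to confirm"
        results.append((entry, verdict))
    return results

if __name__ == "__main__":
    # Host value as it appears in the posted winlogbeat configuration
    for entry, verdict in preflight(["192.168.6.103:5044"]):
        print(entry, "->", verdict)
```

Run it on the machine that ships the logs, with `probe=True` once a VPN or other private path is in place, to confirm the TCP handshake to port 5044 completes before restarting Winlogbeat.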
