I am OK at ubuntu. I am trying to learn and explore Elastic and Kibana as a SIEM.
I have tried this with fresh 18.04 and 19 Ubuntu server with the same results. Basically, I follow the directions here
https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html

I install all updates and these are my exact commands I put in:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list sudo apt-get update && sudo apt-get install elasticsearch
sudo /bin/systemctl daemon-reload sudo /bin/systemctl enable elasticsearch.service
$ sudo systemctl start elasticsearch.service

Finally, I get to the cURL test and enter:
$ curl -X GET "localhost:9200/?pretty"

and I get back:
{
"name" : "siemubuntu",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "P27ksrrSRQ6_ZdMXYMyjYw",
"version" : {
"number" : "7.3.0",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "de777fa",
"build_date" : "2019-07-24T18:30:11.767338Z",
"build_snapshot" : false,
"lucene_version" : "8.1.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}

However, when I open a browser and goto 192.168.10.206:9200, I get

This site can’t be reached

192.168.10.206 refused to connect.

The default FW is off and Webmin works fine (yes, updated!).

Any help would be appreciated!

Make sure to set "network.host: 0.0.0.0" in elasticsearch.yml

Thanks. Made the change and now I get:

siemadmin@siemubuntu:~ curl -X GET "localhost:9200/?pretty" curl: (7) Failed to connect to localhost port 9200: Connection refused siemadmin@siemubuntu:~

I rebooted as well with no improvement.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.