Hi,
- I'm trying to secure communication between Logstash and Filebeat using SSL (windows). After installing X-pack there is no data flowing in.
- Also there is no logs in the filebeat folder despite manually creating Filebeat.log.
Please find the filebeat.yml and logstash.conf files below
Filebeat.yml
.
.
output.logstash:
The Logstash hosts
hosts: ["192.x.x.x:5044"]
Optional SSL. By default is off.
ssl.enabled: true
List of root certificates for HTTPS server verifications
ssl.certificate_authorities: "S:\IDM\filebeat-6.2.2-windows-x86_64\NewCertificates\ca\ca.crt"
Certificate for SSL client authentication
ssl.certificate: "S:\IDM\filebeat-6.2.2-windows-x86_64\NewCertificates\IDM01-Filebeat\IDM01-Filebeat.crt"
Client Certificate Key
ssl.key: "S:\IDM\filebeat-6.2.2-windows-x86_64\NewCertificates\IDM01-Filebeat\IDM01-Filebeat.key"
#logging.selectors: ["*"]
logging.to_files: true
logging.files.path: "S:\IDM\filebeat-6.2.2-windows-x86_64\logs\filebeat.log"
Logstash.conf
.
.
input {
beats {
port => 5044
ssl => true
ssl_certificate_authorities => "C:\ELK6.2.2\elasticsearch-6.2.2\bin\x-pack\NewCertificates\ca\ca.crt"
ssl_certificate => "C:\ELK6.2.2\elasticsearch-6.2.2\bin\x-pack\NewCertificates\ELK\ELK.crt"
ssl_key => "C:\ELK6.2.2\elasticsearch-6.2.2\bin\x-pack\NewCertificates\ELK\ELK.key"
ssl_verify_mode => "peer"
}
}
Am I missing anything? Please help.
Regards,
Rahul