Hi,
I have a big problem with my ELK-Stack (version 8.7.0) created with docker.
I have created elasticsearch, kibana, logstash and filebeat with docker-compose.
elasticsearch and kibana connects per ssl with the token, I've created with elasticsearch, that works fine. But the other services did not work with SSL.
Here is the way it should work:
Filebeat reads Logfiles that is connected per volume to filebeat.
Filebeat should send it to Logstash. Logstash filter the data and send it to elasticsearch.
The Connection from filebeat to logstash could not established.
I get this message:
Failed to publish events caused by: write tcp 192.168.13.6:49220->192.168.13.4:5044: write: connection reset by peer
The only documentation I've found is for local installations. I tried to adopt this, but it failed every time. I did not get a connection per SSL/TLS
Does anyone have experience with this and can help me?
You didn't share your docker-compose, you need to share it.
The error you are getting is unrelated to any tool on the stack, it is a network error, you first need to check if the containers can talk with each other on the specified ports.
#filebeat.registry_file: /usr/share/filebeat/data/registry
filebeat.config.inputs:
#prospectors dynamically loaded from the sub-directory
path: ${path.config}/prospectors.d/*.yml
reload.enabled: false
filebeat.modules:
#All data to indexed to Elasticsearch
output.logstash:
hosts: ["192.168.13.4:5044"]
I've copied the environment from the old Docker Server. Now I see that this does not make sense.
So I have to delete the line with the elasticsearch output, right?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.