Hi
I've been unable to setup the Checkpoint Elastic integration due to this error.
[elastic_agent.filebeat][error] Input 'tcp' failed with: context canceled
Settings:
Integration info:
logfile: disabled
UDP: disabled
TCP:
- Syslog Host: 0.0.0.0 or localhost or (10.x.x.x)
- Syslog Port: 9001 or 5514
- All other settings default
Platform info:
Elastic Agent 8.7.1 - Installed on Red Hat Enterprise Linux release 9.1 Using rpm package
Also reproduced the error with docker-elastic-agent-8.7.1, docker-elastic-agent-complete-8.7.1, docker-elastic-agent-8.7.0
Elastic Agent inspect: IP address has been obfuscated
- data_stream:
namespace: default
id: tcp-checkpoint-4ac55184-d551-4520-85bf-ce913c5afda4
meta:
package:
name: checkpoint
version: 1.19.0
name: checkpoint
package_policy_id: 4ac55184-d551-4520-85bf-ce913c5afda4
revision: 4
streams:
- data_stream:
dataset: checkpoint.firewall
type: logs
fields:
_conf:
tz_offset: UTC
fields_under_root: true
host: 10.x.x.x:9001
id: tcp-checkpoint.firewall-4ac55184-d551-4520-85bf-ce913c5afda4
processors:
- add_locale: null
publisher_pipeline.disable_host: true
ssl: null
tags:
- forwarded
type: tcp
use_output: default