Hello to all,
After configuring the integration I started to notice that the logs were not arriving steadily but with intervals of 3 to 12 hours which was strange to me.
When reviewing the log presented by the agent, I find the following error message, and after searching for information I do not see a way to solve it. I appreciate your support.
The integration allows ingesting 3 types of logs
Tenable Security Center asset data
Tenable Security Center plugin data
Tenable Security Center vulnerability data
It turns out that the “Tenable Security Center vulnerability data” logs are very large and I could not find a way to ingest them or modify the size limits from the integration, so to solve the problem temporarily I only left active the ingest of the “Tenable Security Center asset data” logs which are less numerous.
Hey, so this definitely shouldn't be happening. Let's see if we can get to the bottom of it.
Can you confirm something for me? Above these three panels is the more global Collect Tenable Security Center data via API which has a number of settings available. One of the settings is called Enable request tracing. This setting is disabled by default. Have you by chance enabled it?
If request tracing is disabled would you mind re-enabling the vulnerability data and providing me an agent diagnostic over a private channel like email from the agent that is having this issue? Or if you're not comfortable providing an agent diagnostic can you open the diagnostic and find the error in the logs and provide a couple of full raw logs from the diagnostic? The view of the errors you've screenshotted cuts off a lot of info that would be really helpful in figuring out what might be going on.
Hello,
Thank you very much for replying, sorry for not replying sooner, I had not seen your reply.
I still have the problem, I share with you the image you ask me for
I had it enabled, maybe I did it and didn't remember it.
Explain to me about the diagnosis and I will share it with you, thank you in advance for your interest in helping me.
05:53:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:53:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:53:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:54:00.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:54:08.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:54:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
05:54:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:03:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:03:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:03:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:04:00.618
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:04:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:04:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:04:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:13:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:13:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:13:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:14:00.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:14:08.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:14:24.625
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:14:24.625
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:23:53.611
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:23:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:23:56.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:24:00.618
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:24:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:24:24.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:24:24.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:33:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:33:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:33:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:34:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:34:08.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:34:24.625
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:34:24.625
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:43:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:43:54.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:43:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:44:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:44:08.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:44:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:44:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
06:53:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:53:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:53:56.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:54:00.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:54:08.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:54:24.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
06:54:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:03:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:03:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:03:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:04:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:04:08.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:04:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:04:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:13:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:13:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:13:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:14:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:14:08.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:14:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:14:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:23:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:23:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:23:56.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:24:00.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:24:08.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:24:24.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:24:24.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:33:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:33:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:33:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:34:00.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:34:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:34:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:34:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:43:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:43:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:43:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:44:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:44:08.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:44:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:44:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
07:53:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:53:54.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:53:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:54:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:54:08.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:54:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
07:54:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:03:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:03:54.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:03:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:04:00.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:04:08.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:04:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:04:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:13:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:13:54.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:13:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:14:00.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:14:08.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:14:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:14:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:23:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:23:54.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:23:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:24:00.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:24:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:24:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:24:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:33:53.614
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:33:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:33:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:34:00.618
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:34:08.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:34:24.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:34:24.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:43:53.611
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:43:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:43:56.616
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:44:00.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:44:08.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:44:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:44:24.624
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
08:53:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:53:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:53:56.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:54:00.619
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:54:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:54:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
08:54:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
09:03:53.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:03:54.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:03:56.617
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:04:00.618
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:04:08.621
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:04:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:04:24.623
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
09:13:53.612
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:13:54.613
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:13:56.615
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:14:00.618
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:14:08.620
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:14:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] request failed
09:14:24.622
elastic_agent.filebeat
[elastic_agent.filebeat][error] Error while processing http request: failed to collect first response: failed to execute http POST: Post "https://tenable-abcc/rest/analysis": POST https://tenable-abcc/rest/analysis giving up after 6 attempt(s): Post "https://tenable-abcc/rest/analysis": dial tcp 172.26.6.50:443: connect: connection refused
Please disable request tracing and see if it works.
Request tracing fails if the response is >10mb, which yours is.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.