Hi, I am using Topbeat for monitoring. I've downloaded and followed process as per instructions.
I am using WINDOWS and I want to post my logs to a the computer in my network(10.77.240116)
After running topbeat powershell as a service, it runs with no successful message. I saw following message in C:/ProgramData/topbeat/Logs as,
2016-03-15T18:01:14+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid
Any probable reason?
NOTE: We are inside firewall of company. Ping from my machine to above IP is successful.
I would assume it's the console output that's causing this. Not sure why Topbeat attempts to open /dev/stdout on Windows (or the error message is bad).
You are right. The "error message is bad" I tried with localhost by putting loggin level info, worked.
Logfile says,
2016-03-16T11:48:47+05:30 INFO GeoIP disabled: No paths were set under output.geoip.paths
2016-03-16T11:48:47+05:30 INFO Activated console as output plugin.
2016-03-16T11:48:47+05:30 INFO Activated elasticsearch as output plugin.
2016-03-16T11:48:47+05:30 INFO Publisher name: DIN16000704
2016-03-16T11:48:47+05:30 INFO Flush Interval set to: 1s
2016-03-16T11:48:47+05:30 INFO Max Bulk Size set to: 2048
2016-03-16T11:48:47+05:30 INFO Flush Interval set to: 1s
2016-03-16T11:48:47+05:30 INFO Max Bulk Size set to: 50
2016-03-16T11:48:47+05:30 INFO Init Beat: topbeat; Version: 1.1.1
2016-03-16T11:48:47+05:30 INFO topbeat sucessfully setup. Start running.
2016-03-16T11:48:58+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:48:58+05:30 INFO Error bulk publishing events: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:08+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:08+05:30 INFO Error bulk publishing events: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:18+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:18+05:30 INFO Error bulk publishing events: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:28+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:28+05:30 INFO Error bulk publishing events: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:38+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:38+05:30 INFO Error bulk publishing events: write /dev/stdout: The handle is invalid.
2016-03-16T11:49:44+05:30 INFO Cleaning up topbeat before shutting down.
Not getting whats wrong. Any Idea?
Tried with another computer in network, loglevel = info
2016-03-16T11:58:25+05:30 INFO Connecting error publishing events (retrying): Head http://10.76.170.79:9200: dial tcp 10.76.170.79:9200: connectex: No connection could be made because the target machine actively refused it.
2016-03-16T11:58:25+05:30 INFO send fail
2016-03-16T11:58:25+05:30 INFO backoff retry: 1s
2016-03-16T11:58:27+05:30 INFO Connecting error publishing events (retrying): Head http://10.76.170.79:9200: dial tcp 10.76.170.79:9200: connectex: No connection could be made because the target machine actively refused it.
2016-03-16T11:58:27+05:30 INFO send fail
2016-03-16T11:58:27+05:30 INFO backoff retry: 2s
2016-03-16T11:58:30+05:30 INFO Connecting error publishing events (retrying): Head http://10.76.170.79:9200: dial tcp 10.76.170.79:9200: connectex: No connection could be made because the target machine actively refused it.
2016-03-16T11:58:30+05:30 INFO send fail
2016-03-16T11:58:30+05:30 INFO backoff retry: 4s
2016-03-16T11:58:35+05:30 ERR Error sending/writing event: write /dev/stdout: The handle is invalid.
2016-03-16T11:58:30+05:30 INFO Connecting error publishing events (retrying): Head http://10.76.170.79:9200: dial tcp 10.76.170.79:9200: connectex: No connection could be made because the target machine actively refused it.
"Connection refused" in other words. Is ES listening on 10.76.170.79:9200 in the first place? If yes, is there a firewall blocking the access?
The value can be http://host:port or http://username:password@host:port if you need to do basic auth. host is the IP address or hostname of your proxy server and port is the port number that the proxy server is listening on.
So if I had a squid server on my network at 192.168.1.100 I would write:
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.