Hi Team,
The filebeat seems to be running, but giving the following error. transport.go:125: SSL client failed to connect with: dial tcp <IP address where elastic search, logstash and kibana are hosted>: getsockopt: connection refused
@Vishnu_Murty I have a few question to help debug that issue.
Can you include your filebeat configuration in this thread.
I believe you are using the elasticsearch output in the filebeat configuration, if so can you do a web request to the elasticsearch api from the filebeat machine?
Is Elasticsearch listening to the right IP address, by default it answer to localhost.
Did you set these options?
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
#network.host: 192.168.0.1
#
# Set a custom port for HTTP:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
@murthy.mvvs I supposed Filebeat and Elasticsearch are on two different machines? By for security reason, elasticsearch will only answer requests from localhost (same machine), if you want to receive events from another machine, you have to make sure you bind it to the correct IP it need to listen to.
# replace the X with the IP address and restart elasticsearch.
network.host: XXX.XXX.XXX.XXX
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.