Is there any way to use Winlogbeat v7 with Elasticsearch v6.4?
In a working 6.4 Winlogbeat, ES, Kibana environment, i tried to upgrade just winlogbeat to v7 to make use of the new add_fields processor, however i now get complaints about
ERROR Connection marked as failed because the onConnect callback failed: cannot retrieve the
elasticsearch license: unauthorized access, could not connect to the xpack endpoint, verify your
credentials
I understand this is due to a version miss-match.
https://www.elastic.co/support/matrix#matrix_compatibility
That is not supported.
That error is more of an indicator that you are using the Elastic licensed version of Winlogbeat (default distribution) with the OSS version of Elasticsearch. In 7.x default distributions of Beats check that ES has the same license type.
So if you are running an OSS Elasticsearch instance then download the OSS Winlogbeat. But like what Martin said those two versions are not listed as compatible so you may still run into issues.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
