I have setup a Ubuntu server for centralized logs.
Installed:
Elasticsearch
Kibana
Logstash
Now, when I wants to run ".\winlogbeat.exe setup --dashboard" from Windows 10 machine, it shows
"error connecting to kibana: fail to get the kibana version: HTTP GET request to HTTP://:5601/api/status fails: fail to execute the HTTP GET request: No connection could be made because the target machine actively refused it.. Response: ."
check setup.kibana.host in your winlogbeat.yml file as a first step. is it uncommented? what value do you have in this field?
# =================================== Kibana ===================================
# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:
# Kibana Host
# Scheme and port can be left out and will be set to the default (http and 5601)
# In case you specify and additional path, the scheme is required: http://localhost:5601/path
# IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
#host: "localhost:5601"
I have removed comment on Kibana and Elaticsearch.output and pointing it to ELK server's IP.
For the authentication credentials, I have put username and password for "elastic" which I've generated in ELK when I enabled "xpack.security.enabled: true".
Does this causing the issue?
Exiting: error connecting to Kibana: fail to get the kibana version: HTTP GET request to http://:5601/api/status fails: fail to execute the HTTP GET request: Get "http://:5601/api/status": dial tcp :5601: connectex: No connection could be made because the target machine actively refused it.. Response: .
Installed winlogbeat as service. Started service.
Powershell (run as admin)
.\winlogbeat.exe setup (after this command execute the error message was out/ target machine actively refused)
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.