Winlogbeat to Kibana api/failed

Coeus.IT · April 19, 2021, 4:46am

Hi,

I have setup a Ubuntu server for centralized logs.
Installed:

Elasticsearch
Kibana
Logstash

Now, when I wants to run ".\winlogbeat.exe setup --dashboard" from Windows 10 machine, it shows
"error connecting to kibana: fail to get the kibana version: HTTP GET request to HTTP://:5601/api/status fails: fail to execute the HTTP GET request: No connection could be made because the target machine actively refused it.. Response: ."

Please assist

Jason_Slater · April 19, 2021, 6:08am

check setup.kibana.host in your winlogbeat.yml file as a first step. is it uncommented? what value do you have in this field?

# =================================== Kibana ===================================

# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  #host: "localhost:5601"

Coeus.IT · April 19, 2021, 6:55am

Hi Jason,

Thanks for reply.

I have removed comment on Kibana and Elaticsearch.output and pointing it to ELK server's IP.
For the authentication credentials, I have put username and password for "elastic" which I've generated in ELK when I enabled "xpack.security.enabled: true".
Does this causing the issue?

Much appreciate if could assist.

Coeus.IT · April 20, 2021, 4:41am

Exiting: error connecting to Kibana: fail to get the kibana version: HTTP GET request to http://:5601/api/status fails: fail to execute the HTTP GET request: Get "http://:5601/api/status": dial tcp :5601: connectex: No connection could be made because the target machine actively refused it.. Response: .

Coeus.IT · April 20, 2021, 5:24am

My winlogbeat.yml:

====Dashboards====
setup.dashboards.enabled: true

====Kibana====
setup.kibana:
host: "ELK IP: 5601"

----Elasticsearch Output----
output.elasticsearch:
hosts: ["ELK IP:9200"]

Installed winlogbeat as service. Started service.
Powershell (run as admin)
.\winlogbeat.exe setup (after this command execute the error message was out/ target machine actively refused)

system · May 18, 2021, 5:24am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.