Hi , I try to connect to ELK server from my server client but I get this error when I restart my filebeat daemon :
Can any one help me ?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi, i have the same error : localhost /usr/bin/filebeat[80858]: transport.go:125: SSL client failed to connect with: dial tcp 172.16.1.133:5044: getsockopt: connection refused"
both of machines running on the same cluster (local)
input {
beats {
port => 5044
ssl => true
ssl_certificate => “/etc/pki/tls/certs/logstash-forwarder.crt”
ssl_key => “/etc/pki/tls/private/logstash-forwarder.key”
}
}
filter {
if [type] == “DooperaLog” {
grok {
match => { “message” => “%{COMBINEDAPACHELOG}” }
}
geoip {
source => “clientip”
}
}
}
output {
if [type] == “DooperaLog” {
elasticsearch {
hosts => [“localhost:9200”]
sniffing => true
manage_template => false
index => “Doopera-%{+YYYY.MM.dd}”
document_type => “%{[@metadata][type]}”
}
}
}
that’s work with syslog configuration and i have filebeat*xxxxx output but when i change to matching with my what i need i don’t see anything.
Any help please ?
Hi @benchaabenwissem!
Is
192.168.1.10
the IP of the machine that is running Logstash/ElasticSearch? Are both machines on the same local network? Can you please post the output of the following command when run on192.168.1.10
so that we can see if the issue is related to a firewall rule?