New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logging to Beats Endpoint (Logstash) and NET::ERR_CERT_INVALID #35
Comments
I'm having a similar issue. The defaults build for this creates all of the certs for Kibana and Logstash assuming localhost. However, unless I map localhost to the server's actual IP, nothing can reach Kibana, or any of the other ELK stuff. If I do map through the hosts file, I can access everything, but when I attempt to set up Beats to send data and find the Kibana instance, it fails telling me that the Kibana cert is not valid for the server, it's only valid for Localhost/127.0.0.1. If I generate certs for kibana with the proper hostname and such, and I plug those into the Kibana config file, when I start up the stack, the connectivity back to Kibana through either a browser or through beats config error with a connection refused. For the life of me, I'm attempting to sort out just how to get either proper certs, or how to get around the issue with ingest for beats, or what have you. |
Trying to send events through logstash is working fine with me. I did it using a container on the same docker-compose network using the following output configuration: output.logstash:
hosts: ["logstash:5044"] One thing I noticed in your comment is using http://localhost:5044 or https://localhost:5044 ... this should work. the connection to Logstash beats is a TCP connection not HTTP. For Kibana, it should open if ES has no data. something might be corrupted in your setup, please check and share the logs. |
Hi, I also have trouble sending logs to logstash. The ELK stack is up and running, I can access Kibana's interface. I did a very simple test by adding a dummy container to the docker-compose available in this repo, so that I am extra sure of being on the same network:
Also note that I tried to replace 127.0.0.1 by "logstash" as suggested above and also by "elastic_logstash_1" but the dummy container failed to boot: Any suggestions? |
I would like to note two points:
|
Thanks for your input but I still can't make it work. The dummy container is indeed on the
Following your comment, I added the following line to the I added this part in the docker-compose file provided in this repo:
where testlogs is a simple python webapp, the app has a button that |
Update: |
Aha, sorry I missed this point, you're sending the logs via Docker's driver, if you think about it, the driver itself is not part of the container's network, it is a construct of the host. And that's why the driver (being on the host) won't have access to hostname |
Hi!
Great stack! I was able to get your stack running on a Linux VM using docker-machine and virtual box (I still like docker-machine). Running Docker Engine and Compose @ latest through Docker Desktop on Mac. Stack is running well and builds well. Two questions:
I'm trying to send json logs to the beats input port (5044), but doesn't look like I'm getting anything through at http://localhost:5044 or https://localhost:5044. Any quick tips for how to push data to the beats endpoints (longtime ELK user, but have never used with security enabled). Do I need to add my own custom endpoint to the inputs configs for LS?
Kibana is not in a ready state when I navigate to https://localhost:5601. Likely, this is because ES hasn't receive any data. However, I'm gettting a lot of err_cert_invalid errors in Chrome. Forced to push through these in MozFF. Any thoughts on the certs?
The text was updated successfully, but these errors were encountered: