elasticsearch - Filebeat 到 logstash 的连接被拒绝

我正在尝试从 filebeat->logstash->elastic search 发送日志文件。文件beat.yml。但是我在 filebeat 日志中收到以下错误:

2017-12-07T16:15:38+05:30 ERR  Failed to connect: dial tcp [::1]:5044: connectex: No connection could be made because the target machine actively refused it.

我的filebeat和logstash配置如下:

1.filebeat.yml

filebeat.prospectors:

- input_type: log
  paths:
    - C:\Users\shreya\Data\mylog.log 
  document_type: springlog
 multiline.pattern: ^\[[0-9]{4}-[0-9]{2}-[0-9]{2}
  multiline.negate: true
  multiline.match: before
output.logstash:
  hosts: ["localhost:5044"]

2.logstash.yml

    http.host: "127.0.0.1"
    http.port: 5044

3.logstash 配置文件:

input {
     beats {
        port => 5044
    codec => multiline {
    pattern => "^(%{TIMESTAMP_ISO8601})"
        negate => true
        what => "previous"
    }
  }
}
filter {
    grok{
    id => "myspringlogfilter"
    match => { "message" => "%{TIMESTAMP_ISO8601:timestamp}; [LOG_LEVEL=%{LOGLEVEL:log-level}, CMPNT_NM= %{GREEDYDATA:component}, MESSAGE=%{GREEDYDATA:message}" }
    overwrite => ["message"]

    }

}
output {
    elasticsearch {
        hosts => "localhost:9200" 
        manage_template => false
            index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}" 
        document_type => "%{[@metadata][type]}"     
    }
    stdout {
         codec => rubydebug
  }
}

最佳答案

我把logstash.yml中的metric设置注释掉后问题解决了，如下:

# ------------ Metrics Settings --------------
#
# Bind address for the metrics REST endpoint
#
#http.host: "127.0.0.1"
#
# Bind port for the metrics REST endpoint, this option also accept a range
# (9600-9700) and logstash will pick up the first available ports.
#
#http.port: 5044
#

但仍然不知道为什么这样解决了这个问题。因为两者(filebeat 和 logstash)都指向同一个端口。如果有人能解释原因，然后事先谢谢!

关于elasticsearch - Filebeat 到 logstash 的连接被拒绝，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/47693360/

elasticsearch - Filebeat 到 logstash 的连接被拒绝

上一篇：ElasticSearch NEST 结合 AND 和 OR 查询

下一篇： friend 到 friend 列表的 Elasticsearch 映射