我正在尝试在客户端上使用 Filebeat 和 MetricBeat 收集信息时实现 ELK 堆栈。
安装顺利,filebeat 在客户端上运行正常,并将信息发送到 logstash(感谢 'insecure: true)。
Metricbeats 根本不想连接并显示:
2017-02-08T15:57:36+01:00 ERR Connecting error publishing events (retrying): x509: cannot validate certificate for xxx.xxx.xxx.xxx because it doesn't contain any IP SANs
2017-02-08T15:57:37+01:00 ERR Connecting error publishing events (retrying): x509: cannot validate certificate for xxx.xxx.xxx.xxx because it doesn't contain any IP SANs
我环顾四周并尝试:
1.使用 FQDN 创建 ssl 证书:
sudo openssl req -subj '/CN=ec2xxxxeu-west-1.compute.amazonaws.com/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out certs/logstash-forwarder.crt
这表明:
2017-02-08T15:47:22+01:00 ERR Connecting error publishing events (retrying): x509: certificate is valid for , not ec2-34-249-172-152.eu-west-1.compute.amazonaws.com
2.通过将'subjectAltName = IP:ELK_server_private_IP'放入openssl配置来使用ip证书,然后使用:
sudo openssl req -config /etc/ssl/openssl.cnf -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out certs/logstash-forwarder.crt
我按照本教程进行 ELK / filebeat 安装 https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-16-04
这在有关 SAN ips 的标题中显示错误消息。
有人对发生的事情有解释吗,metrisbeats 是否有一个不安全的:真实的让它工作?