我正在尝试在客户端上使用Filebeat和MetricBeat收集信息时实现ELK堆栈。
安装顺利,filebeat在客户端运行正常并将信息发送到logstash(感谢'insecure:true)。
Metricbeats根本不想连接并显示:
2017-02-08T15:57:36+01:00 ERR Connecting error publishing events (retrying): x509: cannot validate certificate for xxx.xxx.xxx.xxx because it doesn't contain any IP SANs
2017-02-08T15:57:37+01:00 ERR Connecting error publishing events (retrying): x509: cannot validate certificate for xxx.xxx.xxx.xxx because it doesn't contain any IP SANs
我环顾四周试了一下:
1.使用FQDN创建ssl证书:
sudo openssl req -subj '/CN=ec2xxxxeu-west-1.compute.amazonaws.com/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out certs/logstash-forwarder.crt
这表明:
2017-02-08T15:47:22+01:00 ERR Connecting error publishing events (retrying): x509: certificate is valid for , not ec2-34-249-172-152.eu-west-1.compute.amazonaws.com
2.使用openssl配置中的'subjectAltName = IP:ELK_server_private_IP'然后使用:
使用ip证书sudo openssl req -config /etc/ssl/openssl.cnf -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out certs/logstash-forwarder.crt
我按照本教程进行ELK / filebeat安装 https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-16-04
显示有关SAN ips的标题中的错误消息。
有人对正在发生的事情有所解释,metrisbeats是否有不安全感:真的让它有效吗?