Need Help Deploying Auditbeat and Filebeat to hosts in my network

I have a single node Rock NSM deployed on an ESXi in my homelab network.

I downloaded the package onto the respective host, configured the auditbeat.yml with the following

output.elasticsearch:
 hosts: ["192.168.1.27:9200"]

setup.kibana:
  host: "192.168.1.27:5601"

When I run
sudo auditbeat setup
I get “connection refused” error
Exiting: Couldn't connect to any of the configured Elasticsearch hosts. Errors: [Error connection to Elasticsearch http://192.168.1.27:9200: Get http://192.168.1.27:9200: dial tcp 192.168.1.27:9200: connect: connection refused]

I edited my RockNSM node’s /etc/elasticsearch/elasticsearch.yml file to change network.hosts to
network.host: 0.0.0.0
to allow connection other than the default localhost.

it seems to still refuse the connection.

Is there any special network configuration that I need to do with RockNSM outside of a normal ELK deployment to enable distributed deployment of beats agents onto my host machines?

Please help. Thank you

you may need to open the firewall via sudo firewall-cmd --zone=public --add-port=9200/tcp --permanent and then sudo firewall-cmd --reload