I have a single node Rock NSM deployed on an ESXi in my homelab network.
I downloaded the package onto the respective host, configured the auditbeat.yml with the following
output.elasticsearch: hosts: ["192.168.1.27:9200"] setup.kibana: host: "192.168.1.27:5601"
When I run
sudo auditbeat setup
I get “connection refused” error
Exiting: Couldn't connect to any of the configured Elasticsearch hosts. Errors: [Error connection to Elasticsearch http://192.168.1.27:9200: Get http://192.168.1.27:9200: dial tcp 192.168.1.27:9200: connect: connection refused]
I edited my RockNSM node’s /etc/elasticsearch/elasticsearch.yml file to change network.hosts to
to allow connection other than the default localhost.
it seems to still refuse the connection.
Is there any special network configuration that I need to do with RockNSM outside of a normal ELK deployment to enable distributed deployment of beats agents onto my host machines?
Please help. Thank you