Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 1032/systemd-resolv tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1874/sshd tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2145/master tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 13557/sshd: aolivas tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 15586/sshd: aolivas tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 1314/node tcp 0 0 0.0.0.0:1515 0.0.0.0:* LISTEN 2329/ossec-authd tcp6 0 0 :::9200 :::* LISTEN 1738/java tcp6 0 0 :::9300 :::* LISTEN 1738/java tcp6 0 0 :::22 :::* LISTEN 1874/sshd tcp6 0 0 :::55000 :::* LISTEN 1734/nodejs tcp6 0 0 :::25 :::* LISTEN 2145/master tcp6 0 0 ::1:6010 :::* LISTEN 13557/sshd: aolivas tcp6 0 0 ::1:6011 :::* LISTEN 15586/sshd: aolivas -----Original Message----- From: Fabien Wernli <wernli@in2p3.fr> Sent: Wednesday, July 10, 2019 3:14 PM To: Allen Olivas <allen.olivas@infodefense.com> Cc: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: RE: RE: [syslog-ng] Cannot send Syslog-ng to Elasticsearch On Wed, Jul 10, 2019 at 05:16:01PM +0000, Allen Olivas wrote:
curl: (7) Failed to connect to localhost port 9200: Connection refused
This probably means that your elasticsearch instance doesn't listen on the right interface. Can you share the output of the following command please? netstat -tpln