I was trying to implement ELK stack using docker to collect logs from the machines which are in different network, would say that my docker Engine is in a private Network A and my hosts are in another private Network B. I have installed beats on my nodes and was trying to verify the ELK server configured in docker container in Network A. But I was not succeeded in verifying the ELK from beats hosts.
What I did?
On Network A:
- Used sebp/elk image to start a ELK container
- Did port forwarding for port 5601, 9200, 5044
- Verified if kibana is loading in web and it was success
- Generated SSL cert in the ELK container with the public IP of the host where docker was
- copied this SSL cert on to the beats host /etc/pki/tls/certs/
On Network B:
- Installed beats in the machine (Not a container)
- configured filebeat.yml with the public IP of the Docker host with the port (Say x.x.x.x:8001)
and added ssl cert path
- Restarted logstash in Network A and filebeat in Network B and received the following error
.514762 transport.go:125: ERR SSL client failed to connect with: x509: cannot validate certificate for <public_ip of container’s host> because it doesn’t contain any IP SANs.
Could any one please help me with fixing the issue that how can I make a successful verification of the ELK by beats host in a different network