cvandeplas / ELK-forensics

ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)
GNU Affero General Public License v3.0

To import data, execute the command error:: Connection refuse #2

Open googleman2014 opened 9 years ago

googleman2014 commented 9 years ago

Dear Guy, your project is really cool and awesome, and I'm very interested in it. Many thanks for your great contribution. I followed your command to import data, but the error below happened; please help with it.

root@debian:~/ELK-forensics# cat computername.mactime | nc -vv -n 127.0.0.1 18001
cat: computername.mactime: No such file or directory
(UNKNOWN) [127.0.0.1] 18001 (?) : Connection refused
 sent 0, rcvd 0

root@debian:~/ELK-forensics# cat SG100-* | nc -vv -n 127.0.0.1 18002
cat: SG100-*: No such file or directory
(UNKNOWN) [127.0.0.1] 18002 (?) : Connection refused
 sent 0, rcvd 0

cvandeplas commented 9 years ago

Are you sure your logstash is configured and running? Try a:

sudo netstat -nalp | fgrep "1800"

That should return lines stating that java is listening on these ports.