What should be the minimum version of Elasticsearch for Packetbeat


I have started working on Packetbeat and need to integrate it with an existing Elasticsearch version 1.1.1. I have CentOS as the OS. What I have observed is that packetbeat-1.0.0-Beta1-x86_64.rpm & packetbeat-1.0.0-beta2-x86_64.rpm are working perfectly fine for elasticsearch-1.4.0.noarch.rpm, but as soon as I install elasticsearch-1.1.1.noarch.rpm, Packetbeat just won't start.

If I run Packetbeat through packetbeat -e -d "*"

I see the below output after some time and then it exits.

publish.go:203: DBG  Add topology entry for <hostname>: [XX.XX.XX.XX fe80::250:56ff:feb5:2584]
bulkapi.go:30: DBG  Empty channel. Wait for more data.
bulkapi.go:30: DBG  Empty channel. Wait for more data.
bulkapi.go:30: DBG  Empty channel. Wait for more data.
output.go:178: ERR  Fail to publish IP addresses: ES returned an error: 503 Service Unavailable
publish.go:283: ERR  Failed to publish topology: ES returned an error: 503 Service Unavailable
main.go:150: CRIT ES returned an error: 503 Service Unavailable

So, I wonder if this is some version mismatch issue. What should be the minimum version of Elasticsearch for Packetbeat?

Yuvraj Gupta On BEST ANSWER

Minimum supported version for Elasticsearch should be 1.4 for Packetbeat.

Official link: https://www.elastic.co/subscriptions/matrix

Go to Product Compatibility to view the compatible versions.
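
A pre-flight check built on the minimum version given in the answer above, added here as an example and not part of the original question or answer. It assumes the input is the JSON body that Elasticsearch returns from its root endpoint (GET / on the HTTP port), which carries the server version in version.number; the function names are hypothetical and the two sample bodies are constructed.

```python
import json

# Minimum Elasticsearch version for Packetbeat, as stated in the answer above.
MIN_ES_VERSION = (1, 4)

# Constructed sample bodies in the shape of the Elasticsearch root response (GET /).
SAMPLE_1_1_1 = '{"status": 200, "name": "node-a", "version": {"number": "1.1.1"}, "tagline": "You Know, for Search"}'
SAMPLE_1_4_0 = '{"status": 200, "name": "node-b", "version": {"number": "1.4.0"}, "tagline": "You Know, for Search"}'


def parse_es_version(root_body):
    """Return (major, minor, patch) from the JSON body of the root endpoint."""
    try:
        number = json.loads(root_body)["version"]["number"]
    except (ValueError, KeyError, TypeError):
        # Not JSON (for example an HTML error page) or not a root document.
        raise ValueError("response is not an Elasticsearch root document")
    if not isinstance(number, str):
        raise ValueError("version.number is not a string")
    # Drop pre-release suffixes such as "-beta2" before comparing.
    parts = []
    for field in number.split("-", 1)[0].split("."):
        if not field.isdigit():
            break
        parts.append(int(field))
    if not parts:
        raise ValueError("unparseable version: %r" % number)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def packetbeat_compatible(root_body, minimum=MIN_ES_VERSION):
    """Return (ok, version); ok is True when the server meets the minimum."""
    version = parse_es_version(root_body)
    return version[:len(minimum)] >= minimum, version


if __name__ == "__main__":
    for body in (SAMPLE_1_1_1, SAMPLE_1_4_0):
        ok, version = packetbeat_compatible(body)
        label = ".".join(str(n) for n in version)
        print("Elasticsearch %s: %s" % (label, "supported" if ok else "below minimum 1.4"))
```

Running the check against the target node before starting Packetbeat reports an unsupported server up front, rather than leaving it to be inferred from publish errors in the debug log.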