|
| 1 | +--- |
| 2 | +navigation_title: Connectivity issues |
| 3 | +description: Troubleshoot connectivity issues between EDOT SDKs, the Collector, and Elastic. |
| 4 | +applies_to: |
| 5 | + stack: all |
| 6 | + serverless: all |
| 7 | +products: |
| 8 | + - id: observability |
| 9 | + - id: edot-collector |
| 10 | + - id: edot-sdk |
| 11 | +--- |
| 12 | + |
| 13 | +# Connectivity issues with EDOT |
| 14 | + |
| 15 | +Connectivity problems occur when the OpenTelemetry SDK or Collector cannot reach the Elastic endpoint. Even with correct proxy settings, network restrictions such as blocked ports or firewalls can prevent data from flowing. |
| 16 | + |
| 17 | + |
| 18 | +## Symptoms |
| 19 | + |
| 20 | +You might see one or more of the following error messages: |
| 21 | + |
| 22 | +- `connection refused` |
| 23 | +- `network unreachable` |
| 24 | +- `i/o timeout` |
| 25 | +- `tls: handshake failure` |
| 26 | + |
| 27 | +These errors may appear either in application logs (from the SDK) or in the Collector logs. |
| 28 | + |
| 29 | + |
| 30 | +## Causes |
| 31 | + |
| 32 | +Connectivity errors usually trace back to one of the following issues: |
| 33 | + |
| 34 | +- **Firewall or port blocking** |
| 35 | + |
| 36 | + Outbound traffic on port `443` is blocked by corporate firewalls or network policies. |
| 37 | + |
| 38 | +- **Endpoint errors** |
| 39 | + |
| 40 | + The endpoint is unreachable or not listening on the specified port: |
| 41 | + |
| 42 | + - `connection refused`: endpoint not listening |
| 43 | + - `network unreachable`: VPN, routing, or DNS failure |
| 44 | + - `timeout`: traffic dropped by firewall, proxy, or load balancer |
| 45 | + |
| 46 | +- **Proxy misconfiguration** |
| 47 | + |
| 48 | + Proxy environment variables (`HTTP_PROXY`, `HTTPS_PROXY`) may be set correctly but the proxy itself lacks access to Elastic or restricts ports. Refer to [Proxy settings](opentelemetry://reference/edot-collector/config/proxy.md) for more information. |
| 49 | + |
| 50 | + |
| 51 | +### Differentiating SDK vs Collector issues |
| 52 | + |
| 53 | +Errors can look similar whether they come from an SDK or the Collector, but identifying the source helps you isolate the problem: |
| 54 | + |
| 55 | +* **SDK** |
| 56 | + |
| 57 | +Application logs report failures when the SDK cannot send data to the Collector or directly to Elastic. These often appear as `connection refused` or `timeout` messages. If seen, verify that the Collector endpoint is reachable. |
| 58 | + |
| 59 | +* **The Collector** |
| 60 | + |
| 61 | +Collector logs show export failures when it cannot forward data to Elastic. Look for messages like `cannot send spans` or `failed to connect to <endpoint>`. If present, confirm the Collector’s exporters configuration and network access. |
| 62 | + |
| 63 | + |
| 64 | +## Resolution |
| 65 | + |
| 66 | +Before you dig into SDK or Collector configuration, confirm that your environment can reach the Elastic endpoint by performing the following checks: |
| 67 | + |
| 68 | +:::::{stepper} |
| 69 | + |
| 70 | +::::{step} Verify DNS resolution |
| 71 | + |
| 72 | +Make sure the hostname for your Elastic endpoint resolves correctly: |
| 73 | + |
| 74 | +```bash |
| 75 | +nslookup <your-endpoint> |
| 76 | +``` |
| 77 | + |
| 78 | +:::: |
| 79 | + |
| 80 | +::::{step} Test network reachability |
| 81 | + |
| 82 | +```bash |
| 83 | +ping <your-endpoint> |
| 84 | +``` |
| 85 | + |
| 86 | +:::: |
| 87 | + |
| 88 | +::::{step} Check open ports |
| 89 | + |
| 90 | +Test whether the required OTLP ports are open (default `443` for HTTPS): |
| 91 | + |
| 92 | +```bash |
| 93 | +nc -vz <your-endpoint> 443 |
| 94 | +``` |
| 95 | + |
| 96 | +:::: |
| 97 | + |
| 98 | +::::{step} Verify TLS/SSL |
| 99 | + |
| 100 | +Check that TLS certificates can be validated: |
| 101 | + |
| 102 | +```bash |
| 103 | +openssl s_client -connect <your-endpoint>:443 |
| 104 | +``` |
| 105 | + |
| 106 | +:::: |
| 107 | + |
| 108 | +::::: |
| 109 | + |
| 110 | +If any of these steps fail, the issue is likely caused by network infrastructure rather than your SDK or Collector configuration. |
| 111 | + |
| 112 | + |
| 113 | +### Next steps |
| 114 | + |
| 115 | +If basic checks and configuration look correct but issues persist, collect more details before escalating: |
| 116 | + |
| 117 | +* Review proxy settings. For more information, refer to [Proxy settings](opentelemetry://reference/edot-collector/config/proxy.md). |
| 118 | + |
| 119 | +* If ports are confirmed open but errors persist, [enable debug logging in the SDK](../opentelemetry/edot-sdks/enable-debug-logging.md) or [in the Collector](../opentelemetry/edot-collector/enable-debug-logging.md) for more detail. |
| 120 | + |
| 121 | +* Contact your network administrator with test results if you suspect firewall restrictions. |
0 commit comments