How to authenticate Logstash output to a secure Elasticsearch URL (version 5.6.5)

坚强是说给别人听的谎言 提交于 2019-12-05 22:23:22

I found the root cause of the issue. There were three things to fix:

  1. The logstash version I tested with was wrong 5.5.0. I downloaded the correct version to match with Elasticsearch Version 5.6.5.

  2. The host I used was running on 443 port. When I didn't specify the port as below logstash appended 9200 with it, due to which the connection failed.

    hosts => ['https://my.es.server.com']

    Below configuration corrected the port used by logstash.

    hosts => ['https://my.es.server.com:443']

  3. I was missing proxy connection settings.

    proxy => 'http://my.proxy.com:80'

Overall settings that worked.

output {
    elasticsearch {
       hosts => ['https://my.es.server.com:443']
       user => 'esusername'
       password => 'espassword'
       proxy => 'http://my.proxy:80'
       index => "my-index-%{+YYYY.MM.dd}"
    }
}

No need for 'ssl' field.

Also NO need for 'xpack' installation for this requirement.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!