Access to elasticsearch server from logstash into private subnet on AWS

Elastic Stack Logstash
1

Hi, can someone help me to resolve this problem?

I'm new in ELK stack and I deployed it on AWS. Logstash and elasticseach are hosted on different EC2 instances into a private VPC subnet. These EC2 instances are hosted behind an AWS alb.

My logstash output plugin configuration is:

output {
elasticsearch {
hosts => "http://my_private_ip_address:9200/"
}
}

When I run this command : bin/logstash -f /etc/logstash/conf.d/ I'm face of this

Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://my_private_ip_address:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://my_private_ip_address:9200/][Manticore::ConnectTimeout] connect timed out"}

Can you please help me to resolve this issue.

2

can you connect to the Elasticsearch node from the Logstash node without Logstash?

curl -X GET http://my_private_ip_address:9200/_cat/master?v
3

No I can't. Connection through port 9200 is refused

the exact message is: curl: (7) Failed to connect to my_private_ip_address port 9200: Connection refused

4

For my logstash node instance (EC2) all port in outbound traffic are open into My VPC and inbound traffic to my elasticseach insatnce is also open to all traffic into my VPC

5

Then the problem lies outside of the Elastic Stack.

Previously, when using AWS for other purposes, I have had to open specific routes between hosts in my virtual private network in order to create paths between hosts.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.