However, the steps suggested for Logstash 5.x don't seem to work, especially when using remove_backup_jndi_lookup.rb.
Trying to run the the remove_backup_jndi_lookup.rb as suggested in the link throws an error on Logstash 5.x nodes. For e.g. assuming the script is located at /root/remove_backup_jndi_lookup.rb
$ vendor/jruby/bin/ruby /root/remove_backup_jndi_lookup.rb
-bash: vendor/jruby/bin/ruby: No such file or directory
$ bin/ruby /root/remove_backup_jndi_lookup.rb
LoadError: no such file to load -- zip
require at org/jruby/RubyKernel.java:1040
require at /usr/share/logstash/vendor/jruby/lib/ruby/shared/rubygems/core_ext/kernel_require.rb:54
(root) at /root/remove_backup_jndi_lookup.rb:7
On Logstash 5.x.x run vendor/jruby/bin/ruby /tmp/remove_jndi_lookup.rb
There's an accidental typo and it should be vendor/jruby/bin/jruby. i.e. instead of ruby it should be jruby.
Fixing this throws another error:
$ vendor/jruby/bin/jruby /root/remove_backup_jndi_lookup.rb
LoadError: no such file to load -- zip
require at org/jruby/RubyKernel.java:1040
require at /usr/share/logstash/vendor/jruby/lib/ruby/shared/rubygems/core_ext/kernel_require.rb:54
(root) at /root/remove_backup_jndi_lookup.rb:7
or using bin/ruby
$ bin/ruby /root/remove_backup_jndi_lookup.rb
LoadError: no such file to load -- zip
require at org/jruby/RubyKernel.java:1040
require at /usr/share/logstash/vendor/jruby/lib/ruby/shared/rubygems/core_ext/kernel_require.rb:54
(root) at /root/remove_backup_jndi_lookup.rb:7
From /usr/share/logstash dir,
The solution is to set export GEM_HOME=./vendor/bundle/jruby/1.9 after deleting jar_backup/ directory and then run vendor/jruby/bin/jruby /<path_to_ruby_script>/remove_backup_jndi_lookup.rb
OR bin/ruby /<path_to_ruby_script>/remove_backup_jndi_lookup.rb and it should complete successfully.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
