Cant feed data into ES

Elastic Stack Logstash
1

Hello,

I have setup a server with ES, kibana and logstash.

When I try to feed data to ES using logstash, I get

[2017-11-02T10:38:55,197][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://logstash_system:xxxxxx@localhost:9200/, :path=>"/"} [2017-11-02T10:38:55,333][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://logstash_system:xxxxxx@localhost:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :error=>"Got response code '401' contacting Elasticsearch at URL 'http://localhost:9200/'"}

Which looks like logstash_system user can't authentify/access ES.

I changed logstash_system user's password, following the setup XPACK security doc.

Do I need to tell ES that logstash_system has a custom password ? What is logstash_system default password ?

When I

curl -u logstash_system -XGET http://localhost:9200/

And use the logstash password I've set, I get a correct response ("you know, for search" default response).

The logstash user I use for writting is logstash_writer, another user.

logstash.conf :

input {
  file {
       path => "/a/cool/path"
       start_position => "beginning"
       sincedb_path => "/dev/null"
  }
}

filter {
       csv {
           separator => ","
           columns => ["column", "column2"]
        }
}

output {
        elasticsearch {
                      user => "logstash_writer"
                      password => "pswd"
                      hosts => "http://localhost:9200"
                      index => "index"
        }
        stdout { codec => rubydebug }
}

Thanks

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.