Cant install netflow plugin for kibana

Elastic Stack Logstash
1

Good day!
Im try install netflow plugin from this guide https://www.elastic.co/guide/en/logstash/current/netflow-module.html

My environment:
centos 7.6 - 192.168.20.56 - elk2
centos 7.6 - 192.168.20.57 - elk1
centos 7.6 - 192.168.20.58 - elk3

Elasticsearch work in docker and installed in elk1,2,3
Logstash work on host elk1 without docker
Kibana work on host elk1 withoud docker

Elasticsearch worked perfect and i dont have any problems with it

My logstash configs

cat logstash.conf

input {                                                                                                                                                                                                                                      
  udp {
port => 2055
receive_buffer_bytes => 16777216
workers  => 16
codec => netflow {
  versions => [5, 9]
}
type => netflow
  }
}                                                                                                                                                                                                                                            

output {

  }
  if [type] == "netflow" {
  elasticsearch {
index => "logstash_nf-%{+YYYY.MM.dd}"
hosts => ["192.168.20.56:9200","192.168.20.57:9200","192.168.20.58:9200"]
  }
} else {
elasticsearch {
        hosts => ["192.168.20.56:9200","192.168.20.57:9200","192.168.20.58:9200"]
}

cat logstash.yml

xpack.monitoring.elasticsearch.hosts: http://192.168.20.57:9200

modules:
- name: netflow
    var.input.udp.port: 2055
    var.input.udp.workers: 16
    var.input.udp.receive_buffer_bytes: 212992
    var.elasticsearch.hosts: "http://192.168.20.57:9200"
    var.kibana.host: "http://192.168.20.57:5601"

Now im trying use this command for install plugin to kibana: /usr/share/logstash/bin/logstash --path.settings /etc/logstash --modules netflow --setup -M netflow.var.input.udp.port=9996

and have next message: https://pastebin.com/UY3Gerx1

when checked url http://192.168.20.57:9200 i have next message

{
  "name" : "SdKR3Xb",
  "cluster_name" : "dev-cluster",
  "cluster_uuid" : "b2xFkCR9SEG5D2I9hN4rSw",
  "version" : {
    "number" : "6.7.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "8453f77",
    "build_date" : "2019-03-21T15:32:29.844721Z",
    "build_snapshot" : false,
    "lucene_version" : "7.7.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

when checked url http://192.168.20.57:5601 its also work.

But when i checked http://192.168.20.57:5601/status i cant find netflow plugin.

Question: Why i cant install from logstash to kibana netflow template?

2

Now work with this command
/usr/share/logstash/bin/logstash --modules netflow --setup -M "netflow.var.input.udp.port=9996" -M "netflow.var.elasticsearch.hosts=http://192.168.20.57:9200" -M "netflow.var.kibana.host=192.168.20.57:5601" -M "netflow.var.elasticsearch.ssl.enabled=false" -M "netflow.var.kibana.scheme=http" -M "netflow.var.kibana.ssl.enabled=false" -M "netflow.var.kibana.ssl.verification_mode=disable"

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.