Okei so i have this case:
I have tree server which are running the whole stack, and they are set up so:
Filebeat => Logstash => Elasticsearch/Kibana
And I successfully configured that the Filebeat sends logs from his server all too the Elasticksearch/Kibana without any security. But now I would like to use SSL to secure the connection between those servers. What I did so far I could create a self signed certificate on the Logstash server and copied the Filebeat server so that he can verify that thats the correct server so Filebeat => Logstash works. What I could not get to working is Logstash => Elasticsearch/kibana It writes an error in the logs really late, like it waits filebeat to first send the logs and than it gets and error.
So my question is, how do I correctly configure that Logstash so it can communicate with the Elasticsearch/kibana sever with SSL correctly?
So here is my output config from Logstash:
output {
elasticsearch {
hosts => "12.12.12:9200" #random IP
ssl => true
manage_template => false
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
document_type => "%{[@metadata][type]}"
}
}
Elasticsearch.yml config:
script.groovy.sandbox.enabled: true
shield.ssl.keystore.path: /usr/lib/jvm/java-7-openjdk-amd64/jre/lib/security/cacerts
shield.ssl.keystore.password: changeit
shield.ssl.keystore.key_password: changeit
http.port: 9200
shield.http.ssl: true
shield.transport.ssl: true
but I always get this error:
:message=>"Failed to flush outgoing items", :outgoing_count=>1, :exception=>"Manticore::ClientProtocolException"