Connecting logstash to remote elasticsearch running on https with no port specified

Hello ,
i am running Elasticsearch on a website called Cloud IDE gitpod. Once i start the docker image on the gitpod,

docker run \
      --name elasticsearch \
      --net elastic \
      -p 9200:9200 \
      -e discovery.type=single-node \
      -e ES_JAVA_OPTS="-Xms1g -Xmx1g"\
      -e xpack.security.enabled=false \
      -it \
      docker.elastic.co/elasticsearch/elasticsearch:8.2.2

Elasticsearch will start successfully i get a full https public url to access the service.. No PORT will be given in the end:

https://9200-xxxx.gitpod.io/

When i access the url in browser, i am able to see Elasticsearch details :

{
  "name" : "3f0f5479c2cb",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "5P-U6anjQUuIEqrn6IzRvA",
  "version" : {
    "number" : "8.2.3",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "9905bfb62a3f0b044948376b4f607f70a8a151b4",
    "build_date" : "2022-06-08T22:21:36.455508792Z",
    "build_snapshot" : false,
    "lucene_version" : "9.1.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

When using logstash, i am not able to connect to https://9200-xxxx.gitpod.io/

elasticsearch{
        hosts => "https://9200-xxxx.gitpod.io/"
        index => "library-mgmt-system-logstasssh-index"
        ecs_compatibility => disabled
    }

It fails with Attempted to resurrect connection to dead ES instance, but got an error {:url=>"https://9200-xxxx.gitpod.io:9200/", :exception=>LogStash::Outputs::Elasticsearch::HttpClient::Pool::HostUnreachableError, :message=>"Elasticsearch Unreachable: [https://9200-xxxx.gitpod.io:9200/][Manticore::ConnectTimeout]

Not sure why logstash is looking for https://9200-xxxx.gitpod.io:9200

But instead it should just connect to

https://9200-xxxx.gitpod.io

where Elasticsearch is running.

https://9200-xxxx.gitpod.io:9200 does not resolve on gitpod. As we cannot use ports . It gives directly https url internally port forward will be done.

Try to use hosts=> "https://your-host-name:443 to tell logstash to use the default https port.

Also, you didn't anonymize your hostname and your cluster is exposed to the internet without any kind of authentication, I would recommend that you set the security features and also change your hostname now, if it is possible.

Thanks leandro :slight_smile: It worked fine ..