So I have Logstash outputting to Elasticsearch through SSL. It's working great. Haven't had an issue with that.
I am currently trying to redo an index (reindex) using Logstash where you use both the elasticsearch input plugin and the elasticsearch output plugin. I've changed some stuff in the template which is why I want to do this. Anyway I have it set up basically exactly the same as the output plugin but I get an error:
A plugin had an unrecoverable error. Will restart this plugin.
Plugin: <LogStash::Inputs::Elasticsearch ssl=>true, user=>"user", password=><password>, hosts=>["https://elasticsearch.domain.net"], index=>"index-2016.08.04", codec=><LogStash::Codecs::JSON charset=>"UTF-8">, query=>"{\"query\": { \"match_all\": {} } }", scan=>true, size=>1000, scroll=>"1m", docinfo=>false, docinfo_target=>"@metadata", docinfo_fields=>["_index", "_type", "_id"]>
Error: initialize: name or service not known {:level=>:error}
I can ping elasticsearch.domain.net so it doesn't seem like it's a connection issue. Checking the logs on elasticsearch.wadafarms.net I don't see anything that would point to the issue. I'm using the same exact configuration for my output as I do in all my other configuration files which work. It's just the input plugin doesn't seem to like SSL or something. If I don't use SSL, it works just fine but I had to change things around to get that to work which I would prefer to not have to do if I ever do need to reindex again. Anyone have any ideas? Thanks!
Here's my configuration:
input {
elasticsearch {
ssl => true
user => "user"
password => "password"
hosts => [ "https://elasticsearch.domain.net" ]
index => "index-2016.08.04"
}
}
output {
elasticsearch {
ssl => true
user => "user"
password => "password"
hosts => [ "https://elasticsearch.domain.net" ]
index => "index-2016.08.04v2"
manage_template => false
}
}