Hello,
I have installed a clean installation of Elasticsearch 6.5.4 and heartbeat 6.5.4(Elasticsearch uses HTTPS).
My heartbeat config is as follows:
heartbeat.monitors:
- type: http
# List or urls to query
urls: ["https://myurl:9200"]
username: "beats_system"
password: "${output.elasticsearch.password}"
ssl.certificate_authorities: ["/logserver/applications/pki/myCA.crt"]
check.request.method: GET
check.response.status: 200
# Configure task schedule
schedule: '@every 60s'
After starting heartbeat I get the following error in the heartbeat log:
2019-01-25T07:59:53.007+0100 WARN elasticsearch/client.go:521 Cannot index event publisher.Event{Content:beat.Event{Timestamp:time.Time{wall:0x3295cd29, ext:63683996391, loc:(*time.Location)(0x1fc6920)}, Meta:common.MapStr(nil), Fields:common.MapStr{"monitor":map[string]interface {}{"host":"myurl", "ip":"XXX.XXX.XXX.XXX", "duration":map[string]interface {}{"us":0x26da6}, "status":"down", "scheme":"https", "id":"http@https://myurl:9200", "name":"http", "type":"http"}, "resolve":map[string]interface {}{"host":"myurl", "ip":"XXX.XXX.XXX.XXX", "rtt":map[string]interface {}{"us":0x1b8}}, "beat":map[string]interface {}{"hostname":"myurl", "version":"6.5.4", "name":"myurl"}, "host":map[string]interface {}{"containerized":true, "name":"myurl", "architecture":"x86_64", "os":map[string]interface {}{"codename":"Maipo", "platform":"rhel", "version":"7.6 (Maipo)", "family":""}, "id":"b7ab972bc56541c3aabfab009d16ad0d"}, "error":map[string]interface {}{"type":"validate", "message":"received status code 401 expecting 200"}, "http":map[string]interface {}{"url":"https://myurl:9200", "rtt":map[string]interface {}{"content":map[string]interface {}{"us":0x20}, "total":map[string]interface {}{"us":0x26a4b}, "write_request":map[string]interface {}{"us":0x5a}, "response_header":map[string]interface {}{"us":0x1ca21}, "validate":map[string]interface {}{"us":0x1ca42}}, "response":map[string]interface {}{"status_code":0x191}}, "tcp":map[string]interface {}{"port":0x23f0, "rtt":map[string]interface {}{"connect":map[string]interface {}{"us":0xcb}}}, "tls":map[string]interface {}{"certificate_not_valid_before":map[string]interface {}(nil), "certificate_not_valid_after":map[string]interface {}(nil), "rtt":map[string]interface {}{"handshake":map[string]interface {}{"us":0x9ea2}}}}, Private:interface {}(nil)}, Flags:0x0} (status=400): {"type":"mapper_parsing_exception","reason":"failed to parse field [tls.certificate_not_valid_before] of type [date]","caused_by":{"type":"illegal_state_exception","reason":"Can't get text on a START_OBJECT at 1:129"}}
Can anyone advise what I am doing wrong?