Filebeat to logstash not working

I have configured ELK cluster basic version and enabled TLS/SSL. it works fine until logstash. The communication between filebeat to logstash is not working. I dont see any errors in filebeat. Please help if SSL configuration below is right.

Here is my configuration:



  • type: log
    close_inactive: 10m

    enabled: true


    • /app1/log/rp.log
      fileds: {log_type: APP_RP_AMS1}

hosts: [""]
- /app1/filebeat/config/certs/ca.crt

Filebeat trace:

Logstash config: logstash.yml logstash.local
#path.config: /usr/share/logstash/pipeline-config/*.conf
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: 'pwd'
xpack.monitoring.elasticsearch.hosts: [ "" ]
xpack.monitoring.elasticsearch.ssl.certificate_authority: /usr/share/logstash/config/certs/ca.crt

Pipeline config:

input {
beats {
port =>5033

            ssl => true
            ssl_key => '/usr/share/logstash/config/certs/logstash.pkcs8.key'
            ssl_certificate => '/usr/share/logstash/config/certs/logstash.crt'

filter {
output {
if [fields][log_type] == "APP_RP_AMS1" {
elasticsearch {
hosts => ["","",""]
index => "rp_ams1_log-%{+YYYY.MM.dd}"
cacert => '/usr/share/logstash/config/certs/ca.crt'
user => 'logstash_writer'
password => 'pwd'

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.