Format issue using http output plugin to send logs from logstash to azure eventhub


I am facing an issue in forwarding logs from logstash to the event hub, below is the conf file. the requirement is to forward winlog beats logs to the event hub.
I am receiving logs in elastic if I kept the format filed as "message" but the logs are not readable, I tried to change the format field to JSON but then I'm not able to receive logs in elastic.


input { 
  beats {
     port => 5099

filter {}

output {
 #stdout { codec => rubydebug }
 http {
 url => ""
  content_type => "application/x-www-form-urlencoded"
  http_method => "post"
  format => "message"
  headers => {
    "Host" => ""
    "Authorization" => "***********"

You are using https and I don't see certs params in your output http.

Easiest way is to set ssl_verification_mode => "none". Latter add full cert structure.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.