Getting 403 error connecting Logstash to ElasticSearch

ozonshak · June 11, 2020, 4:37pm

Hello. I'm attempting to connect Logstash to ElasticSearch in a secure manner for the first time. I'm following the instructions here:

https://www.elastic.co/guide/en/logstash/current/ls-security.html

I keep getting this error:

LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError: Got response code '403' contacting Elasticsearch at URL 'http://###.##.###.###:9243/logstash'

I believe I have my user created and setup correctly. Here are the permissions for the role:

If I use the "elastic" super user, it seems to work fine. So, I must be missing a permission. As far as I can tell, I set this up just like the documentation, so I'm not sure what I'm missing here. If anyone can see anything obvious, please let me know. I would prefer not using the super user for everything

ozonshak · June 11, 2020, 4:47pm

Sorry, never mind. I literally found the solution right after posting this. The solution is here:

https://www.gitmemory.com/issue/elastic/logstash/10722/486614924

Elastic might need to update their online documentation a bit to cover this.

system · July 9, 2020, 4:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash new install: response code '403' contacting Elasticsearch Logstash	1	2065	April 16, 2021
Got response code '403' contacting Elasticsearch at URL Logstash elastic-stack-security	5	1455	February 15, 2023
Logstash -> Elastic 403 permission issue Logstash elastic-stack-security	1	1621	May 13, 2020
Logstash 8.11 reports error 403 Logstash	4	386	February 28, 2024
Getiing this error 403 forbidden erro in "logstash-plain.log Logstash	2	1607	August 16, 2020

Getting 403 error connecting Logstash to ElasticSearch

Related topics