Getting 403 error connecting Logstash to ElasticSearch

ozonshak · June 11, 2020, 4:37pm

Hello. I'm attempting to connect Logstash to ElasticSearch in a secure manner for the first time. I'm following the instructions here:

https://www.elastic.co/guide/en/logstash/current/ls-security.html

I keep getting this error:

LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError: Got response code '403' contacting Elasticsearch at URL 'http://###.##.###.###:9243/logstash'

I believe I have my user created and setup correctly. Here are the permissions for the role:

If I use the "elastic" super user, it seems to work fine. So, I must be missing a permission. As far as I can tell, I set this up just like the documentation, so I'm not sure what I'm missing here. If anyone can see anything obvious, please let me know. I would prefer not using the super user for everything

ozonshak · June 11, 2020, 4:47pm

Sorry, never mind. I literally found the solution right after posting this. The solution is here:

https://www.gitmemory.com/issue/elastic/logstash/10722/486614924

Elastic might need to update their online documentation a bit to cover this.

system · July 9, 2020, 4:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash -> Elastic 403 permission issue Logstash elastic-stack-security	1	1655	May 13, 2020
Logstash works but put a lot of 403 errors in log Logstash	2	247	August 13, 2021
Logstash new install: response code '403' contacting Elasticsearch Logstash	1	2155	April 16, 2021
LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError: Got response code '403' contacting Elasticsearch at URL 'http://localhost:9200/logstash' Logstash	1	4847	September 10, 2019
Got response code '403' contacting Elasticsearch at URL Logstash elastic-stack-security	5	1869	February 15, 2023

Getting 403 error connecting Logstash to ElasticSearch

Related topics