this is my logstash configuration
input {
beats {
port => 5044
codec => "json_lines"
}
}
output {
if [type] == "heartbeat" {
elasticsearch {
hosts => ["https://127.0.0.1:9200"]
index => "heartbeat-8.1.1"
user => "elastic"
password => "mypas"
ssl_certificate_verification => false
}
}
stdout{
codec => "rubydebug"
}
}
data is showing on the console of logstash that is comming from heartbeat but not going to elasticsearch
this is the data showing on the logstash console
{
"ecs" => {
"version" => "8.0.0"
},
"resolve" => {
"rtt" => {
"us" => 516
},
"ip" => "127.0.0.1"
},
"http" => {
"rtt" => {
"content" => {
"us" => 639
},
"total" => {
"us" => 2331
},
"response_header" => {
"us" => 548
},
"write_request" => {
"us" => 0
},
"validate" => {
"us" => 1187
}
},
"response" => {
"headers" => {
"Content-Type" => "application/json; charset=utf-8",
"Date" => "Wed, 14 Feb 2024 12:43:22 GMT",
"Content-Length" => "27"
},
"status_code" => 200,
"body" => {
"hash" => "8811a6f55cb434d10921bccf7108016db61792083bb929eef0e592e376a0db9a",
"bytes" => 27
},
"mime_type" => "application/json"
}
},
"@version" => "1",
"agent" => {
"type" => "heartbeat",
"name" => "LAPTOP-58N3JBV9",
"id" => "264d665a-eda2-4004-82ea-cfd672add6df",
"version" => "8.12.1",
"ephemeral_id" => "e10770a7-35e1-4c4b-9a23-8c05fc1b931a"
},
"state" => {
"flap_history" => [],
"ends" => nil,
"checks" => 27,
"duration_ms" => "130177",
"status" => "up",
"down" => 0,
"up" => 27,
"id" => "default-18da7a2aa83-0",
"started_at" => "2024-02-14T18:11:12.0673017+05:30"
},
"url" => {
"path" => "/hello",
"scheme" => "http",
"full" => "http://localhost:8080/hello",
"port" => 8080,
"domain" => "localhost"
},
"@timestamp" => 2024-02-14T12:43:22.245Z,
"monitor" => {
"name" => "My Hello World",
"status" => "up",
"type" => "http",
"timespan" => {
"lt" => "2024-02-14T12:43:27.244Z",
"gte" => "2024-02-14T12:43:22.244Z"
},
"id" => "my-hello-world",
"check_group" => "a33cfe02-cb36-11ee-b3f5-fa54f6ff3867-1",
"duration" => {
"us" => 2848
},
"ip" => "127.0.0.1"
},
"tags" => [
[0] "beats_input_raw_event"
],
"event" => {
"dataset" => "http",
"type" => "heartbeat/summary"
},
"tcp" => {
"rtt" => {
"connect" => {
"us" => 1144
}
}
},
"observer" => {
"hostname" => "laptop-58n3jbv9",
"ip" => [
[0] "fe80::6893:4716:41e5:3e1d",
[1] "169.254.128.205",
[2] "fe80::a19b:b9b4:14ee:f678",
[3] "169.254.243.52",
[4] "fe80::ef74:83f6:7d26:111d",
[5] "169.254.149.47",
[6] "fe80::4a53:fbc2:c050:94a2",
[7] "172.16.0.235"
],
"mac" => [
[0] "F8-54-F6-FF-38-67",
[1] "FA-54-F6-FF-38-67",
[2] "FE-54-F6-FF-38-67"
]
},
"summary" => {
"attempt" => 1,
"final_attempt" => true,
"status" => "up",
"max_attempts" => 1,
"up" => 1,
"down" => 0,
"retry_group" => "a33cfe02-cb36-11ee-b3f5-fa54f6ff3867"
}
}
this is my elsticsearch configuration
action.auto_create_index: '*'
# --------------------------------------------------------------------------------
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
#keystore.type: PKCS12
keystore.path: certs/http.p12
keystore.password: essentiallyai
# client_authentication: optional
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
#keystore.type: PKCS12
verification_mode: certificate
#client_authentication: optional
keystore.path: certs/elastic-certificates.p12
#keystore.password: essentiallyai
truststore.path: certs/elastic-certificates.p12
#keystore.password: essentiallyai
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["LAPTOP-58N3JBV9"]
# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0
# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0
if anyone want additional information please feel free to ask