How to add ssl certificate config parameters for AWS RDS MySQL connection for metricbeat

Chandrashekar · December 28, 2023, 1:05pm

Hi

I am trying to configure the AWS RDS metric using metricbeat mysql module.

I have enabled the require_secure_transport ON for aws rds parametergroup

Below is the mysql.yml (/etc/metricbeat/modules.d/mysql.yml)

module: mysql
metricsets:
- status
  period: 10s
  hosts: ["tcp(my_rds_endpoint:3306)/"]
  username: my_username
  password: my_password

ERROR: {"log.level":"error","@timestamp":"2023-12-28T10:58:23.514Z",
"log.origin":{"file.name":"module/wrapper.go","file.line":256},"message":"Error fetching data for metricset mysql.status:
Error 3159: Connections using insecure transport are prohibited while --require_secure_transport=ON.","service.name":"metricbeat","ecs.version":"1.6.0"}

I tried adding below parameters but still same issue.

module: mysql
metricsets:
- status
  period: 10s
  hosts: ["tcp(my_rds_endpoint:3306)/"]
  username: my_username
  password: my_password
  ssl.enabled: true
  ssl.verification_mode: full
  ssl.certificate_authorities: ["/opt/ssl/global-bundle.pem"]
  logging.level: debug

Note: When i turned of require_secure_transport OFF metricbeat mysql module is working fine
only issue with ssl,

Can anyone please help on this.

Thanks.

lalits · January 2, 2024, 12:33pm

Are you not being able to use the corresponding module - AWS rds metricset | Metricbeat Reference [8.11] | Elastic directly?

lalits · January 2, 2024, 1:57pm

Earlier post on the same - How to add ssl certificate for MySQL connection for metricbeat and open issue - [Metricbeat] Add TLS/SSL configuration options in the MySQL module · Issue #16133 · elastic/beats · GitHub

system · January 30, 2024, 3:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.