How to mention elasticsearch credentials in logstash config?


I recently enabled x-pack security on elasticsearch and set up passwords for built-in users successfully . However now i get an error when trying to ingest some logs

[2021-07-23T13:02:58,225][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"http://elastic:xxxxxx@", :exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :message=>"Got response code '401' contacting Elasticsearch at URL ''"

here's my output section in the logstash config :- I don't want to specify password in plain text, (which works when password is mentioned in plain text) , is there way to mention the keystore value here?

The below format currently works properly

output {

 elasticsearch { hosts => [""]
                        index => "logstash_viz1"
                        user => "elastic"
                        password => "test123"

You can use logstash keystore and eliminate the possibility of putting username and passwords in plaintext.

This article should help you out
(Secrets keystore for secure settings | Logstash Reference [7.13] | Elastic)


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.