Illegal Character Authority Error Elasticsearch Filter

wwalker · July 16, 2019, 8:42pm

When performing an Elasticsearch filter query, I get the below error (I've replaced sensitive values with an equivilent number of Xs.

[WARN ][logstash.filters.elasticsearch] Failed to query elasticsearch for previous event {:index=>"servicenow-*", :error=>"Illegal character in authority at index 8: https://{:host=>\"xxxxxxxxx.xxxxxxxxx.net:9200\", :scheme=>\"https\", :protocol=>\"https\", :port=>9200}:9200/servicenow-%2A/_search?q=number%3AXXX0029703&size=1&sort=%40timestamp%3Adesc"}

What does it mean by, illegal character in authority at index 8?

Badger · July 16, 2019, 10:04pm

That is an elasticsearch question, not a logstash question

wwalker · July 16, 2019, 10:17pm

I figured out the issue, it was with the elasticsearch filter and a bug in it. I had to remove ssl => enabled and use https:// in the hosts field.

system · August 13, 2019, 10:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Illegal character in authority at index 8: Logstash	13	5458	September 2, 2020
Error connecting to secured ES cluster from logstash.filters.elasticsearch Logstash	1	626	May 31, 2019
Problem with logstash-filter-elasticsearch when connecting to SSL enabled ES cluster Logstash	1	775	January 11, 2018
"Illegal character in path" Elasticsearch	1	738	July 6, 2017
IllegalArgumentException error Elasticsearch	6	950	July 5, 2017

Illegal Character Authority Error Elasticsearch Filter

Related topics