I am getting the below error when I am starting the logstash
[2019-04-09T17:19:18,094][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://localhost:9300/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://localhost:9300/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}
My Logstash.config file input:
input {
beats {
port => 5044
}
}
Output:
if [type] == "smaccess" or [type] == "smps" or [type] == "agent" or [type] == "agenttrace" {
stdout { codec => rubydebug }
elasticsearch {
hosts => [ "localhost:9300" ]
index => "siteminder-%{+YYYY.MM.dd}"
ssl => true
ssl_certificate_verification => true
truststore => "/etc/xuv0/apps/elk/elasticsearch-6.5.4/config/client.truststore.jks"
truststore_password => storepass
}
} else {
elasticsearch {
hosts => [ "localhost:9300" ]
ssl => true
ssl_certificate_verification => true
truststore => "/etc/xuv0/apps/elk/elasticsearch-6.5.4/config/client.truststore.jks"
truststore_password => storepass
}
}
}
Can anyone please help me on this? I am not sure why does is it say dead ES instance, both the ports 9200 and 9300 are up and running. Also I gave the correct path to the truststore but still it says can't find the certification path. Please help.