Logstash elasticsearch filter plugin 401 error

adityaPsl · October 13, 2019, 2:38am

Hello Team,

We are trying to use elasticsearch filter plugin,But we are getting 401 unauthorised error.
Since our elasticsearch is secured , In elasticsearch output section we have configured SSL, cacert, keystore, and keystore pasdeord, However, we couldn't find the keystore, keystore password options in filter. We don't have Basic Auth so we cannot use user and password paraters.

Could you please help us understand how can we authenticate and use elasticsearch filter plugin,with security enabled for elasticsearch.

Thank you for your help and support.

Thank you,
Aditya

Christian_Dahlqvist · October 13, 2019, 4:27am

How have you secured the cluster if you do not have basic auth? As far as I know the Elasticsearch filter only supports basic auth although you might be able to use a proxy.

adityaPsl · October 15, 2019, 12:58pm

Hello Christian,
Thank you for your reply.

ELK version : 7.2.0

We tried to create new user with all privileges and Tried setting user and password I. Logstash. However we are getting 403 forbidden error.

Found similar issue : Logstash - Elasticsearch filter plugin with basic authentication

Any pointers to resolve the issue are really appreciated.

Thank you for your help and support.

Thank you,
Aditya

system · November 12, 2019, 12:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash - Elasticsearch filter plugin with basic authentication Logstash	3	890	July 3, 2020
Logstash elasticsearch filter plugin authentication issues Logstash	3	846	January 1, 2021
401 Unauthorized Elasticsearch	3	37149	March 8, 2018
Trouble using elasticsearch filter plugin Logstash	8	3340	October 26, 2017
Logstash -> Elastic 403 permission issue Logstash elastic-stack-security	1	1637	May 13, 2020

Logstash elasticsearch filter plugin 401 error

Related topics