Logstash elasticsearch filter plugin 401 error

adityaPsl · October 13, 2019, 2:38am

Hello Team,

We are trying to use elasticsearch filter plugin,But we are getting 401 unauthorised error.
Since our elasticsearch is secured , In elasticsearch output section we have configured SSL, cacert, keystore, and keystore pasdeord, However, we couldn't find the keystore, keystore password options in filter. We don't have Basic Auth so we cannot use user and password paraters.

Could you please help us understand how can we authenticate and use elasticsearch filter plugin,with security enabled for elasticsearch.

Thank you for your help and support.

Thank you,
Aditya

Christian_Dahlqvist · October 13, 2019, 4:27am

How have you secured the cluster if you do not have basic auth? As far as I know the Elasticsearch filter only supports basic auth although you might be able to use a proxy.

adityaPsl · October 15, 2019, 1:00pm

Hello Christian,
Thank you for your reply.

ELK version : 7.2.0

We tried to create new user with all privileges and Tried setting user and password I. Logstash. However we are getting 403 forbidden error.

Found similar issue : Logstash - Elasticsearch filter plugin with basic authentication

Any pointers to resolve the issue are really appreciated.

Thank you for your help and support.

Thank you,
Aditya

system · November 12, 2019, 12:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.