Hi,
I am trying to pull data from on-premises cluster is with SSL is enabled and I am working with Logstash -7.16.3 version and Elastic cluster is 7.17.11 version.
Below is the error I am getting and Logstash configuration. Please help me to understand the issue & resolve!! Thanks in advance.
Error:
[ERROR][logstash.javapipeline ][main] Pipeline error {:pipeline_id=>"main", :exception=>#<Manticore::SocketException: Connect to vision.ai.org:9200 [vision.ai.org/10...***] failed: Connection refused: connect
Configuration:
input {
elasticsearch {
ssl => true
id => "<idvalue>"
api_key => "<key value>"
hosts => ["vision.ai.org"]
index => ".ds-logs-windows.abc-default-2024.04.25-000049"
query => '{ "query": { "query_string": { "query": "*" } } }'
size => 500
scroll => "5m"
docinfo => true
docinfo_target => "[@metadata][doc]"
}
}
filter{
}
output {
microsoft-sentinel-log-analytics-logstash-output-plugin {
create_sample_file => true
sample_file_path => "E:\\temp"
}
}