Logstash elasticsearch input snapshot

Elastic Stack Logstash
1

We are trying to input elasticsearch snapshots to logstash to support a dashboard on kibana to display elasticsearch cluster snapshots. Below is not working. No error just no index gets created. The curl command does produce results. We verified specifying another index and query does work.

input {
elasticsearch {
hosts => "...:9200/_snapshot/production-elasticsearch2-bck/_all"
}
}

output {
elasticsearch {
hosts => [ "....*:9200" ]
index => "elasticsearch-backup"
document_type => "backup"
document_id => "rrc102-production"
}
}

curl 'http://....*:9200/_snapshot/production-elasticsearch2-bck/_all'

2

You can't use the elasticsearch input like that. To make arbitrary HTTP requests you can use the http_poller input.

3

Got it, looking now..

4

Hitting a required input but docs do not indicate required correct? logstash version 6.3

[2018-09-27T14:37:19,381][ERROR][logstash.inputs.http_poller] Missing a required setting for the http_poller input plugin:

input {
http_poller {
schedule => # SETTING MISSING
...
}
}

input {
http_poller {
urls => {
test1 => "http://...:9200"
test2 => {
# Supports all options supported by ruby's Manticore HTTP client
method => get
url => "http://...:9200/_cluster/health"
headers => {
Accept => "application/json"
}
}
}
request_timeout => 60
interval => 60
codec => "json"
# A hash of request metadata info (timing, response headers, etc.) will be sent here
metadata_target => "http_poller_metadata"
}
}

5

Added the schedule. That will work fine.

Thanks

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.