Logstash elasticsearch input snapshot

frankfoti · September 27, 2018, 6:10pm

We are trying to input elasticsearch snapshots to logstash to support a dashboard on kibana to display elasticsearch cluster snapshots. Below is not working. No error just no index gets created. The curl command does produce results. We verified specifying another index and query does work.

input {
elasticsearch {
hosts => "...:9200/_snapshot/production-elasticsearch2-bck/_all"
}
}

output {
elasticsearch {
hosts => [ "....*:9200" ]
index => "elasticsearch-backup"
document_type => "backup"
document_id => "rrc102-production"
}
}

curl 'http://....*:9200/_snapshot/production-elasticsearch2-bck/_all'

magnusbaeck · September 27, 2018, 6:18pm

You can't use the elasticsearch input like that. To make arbitrary HTTP requests you can use the http_poller input.

frankfoti · September 27, 2018, 6:20pm

Got it, looking now..

frankfoti · September 27, 2018, 6:51pm

Hitting a required input but docs do not indicate required correct? logstash version 6.3

[2018-09-27T14:37:19,381][ERROR][logstash.inputs.http_poller] Missing a required setting for the http_poller input plugin:

input {
http_poller {
schedule => # SETTING MISSING
...
}
}

input {
http_poller {
urls => {
test1 => "http://...:9200"
test2 => {
# Supports all options supported by ruby's Manticore HTTP client
method => get
url => "http://...:9200/_cluster/health"
headers => {
Accept => "application/json"
}
}
}
request_timeout => 60
interval => 60
codec => "json"
# A hash of request metadata info (timing, response headers, etc.) will be sent here
metadata_target => "http_poller_metadata"
}
}

frankfoti · September 27, 2018, 7:09pm

Added the schedule. That will work fine.

Thanks

system · October 25, 2018, 7:09pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.