I used the keystore option. However I am getting an error still in the logstash logs:
[2020-10-23T12:30:12,313][ERROR][logstash.outputs.elasticsearch][main][cfb043992e163d077a8484921e265afe9c1f8a91be63f606c6d901995bfb6a33] Encountered a retryable error. Will Retry with exponential backoff {:code=>403, :url=>"http://10.103.186.210:9200/_bulk"}
I did use the default logstash_system account that is pre-built into Kibana
I do not have a 6.8 version available but I checked the privileges of the logstash_admin user on my 7.9 stack and it has no write access to any index.
Have you already checked the user documentation about creating a Logstash writer?
Just done that now, created new user with those permissions and added that user into the keystore. Restarted the service and get the same error.
I have a post for this open also on Reddit, someone just mentioned that it may be because the URL is pointing to HTTP and not HTTPS, would that be why it is failing to connect?
Interesting, I just added supersuer to that user account and now the error is not coming up anymore... something missing that is not on that link you sent through before
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.