Hi, I have the following logstash configuration, and when I run it it gives me the error.
the input server is hosted on elastic cloud v7.9 and the output server is hosted on AWS elasticsearch v7.8, any clue how to solve this error?
[2020-11-21T15:07:45,444][ERROR][logstash.outputs.elasticsearch][main] Failed to install template.
{:message=>"Got response code '401' contacting Elasticsearch at URL
'https://xxx.eu-west-1.es.amazonaws.com:443/_xpack'"
A 401 error is 'Unauthorized'. You have supplied a user/password, and a 401 error suggests that they are valid, but do not have the permissions required.
This document describes the roles that should be granted to the user used in an elasticsearch output.
I am using the super user (elastic) with the following permission, it is assigned to the all_access role which has the following definition, I am not sure what other permission needed for this user to be able to overcome the error above? My worry is that logstash tries to install a template that requires a specific plugin to be installed, is that the case?
{
"description": "Allow full access to all indices and all cluster APIs",
"index_permissions": [
{
"index_patterns": [
"*"
],
"fls": [],
"masked_fields": [],
"allowed_actions": [
"*"
]
}
],
"tenant_permissions": [
{
"tenant_patterns": [
"*"
],
"allowed_actions": [
"kibana_all_write"
]
}
],
"cluster_permissions": [
"*"
]
}
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.