STGRESZC-M-F2Q5:~ stgreszc$ logstash --modules netflow --setup -M netflow.var.input.udp.port=9996 -M netflow.var.kibana.host="elk-alln-001:5601" -M netflow.var.elasticsearch.hosts="elk-alln-001:9200"
Thread.exclusive is deprecated, use Thread::Mutex
Sending Logstash logs to /usr/local/Cellar/logstash/7.2.0/libexec/logs which is now configured via log4j2.properties
[2019-07-23T15:55:07,131][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2019-07-23T15:55:07,154][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.2.0"}
[2019-07-23T15:55:07,830][INFO ][logstash.config.modulescommon] Setting up the netflow module
[2019-07-23T15:55:08,655][ERROR][logstash.modules.kibanaclient] Error when executing Kibana client request {:error=>#<Manticore::UnknownException: Unrecognized SSL message, plaintext connection?>}
[2019-07-23T15:55:09,279][ERROR][logstash.modules.kibanaclient] Error when executing Kibana client request {:error=>#<Manticore::UnknownException: Unrecognized SSL message, plaintext connection?>}
[2019-07-23T15:55:09,452][ERROR][logstash.config.sourceloader] Could not fetch all the sources {:exception=>LogStash::ConfigLoadingError, :message=>"Failed to import module configurations to Elasticsearch and/or Kibana. Module: netflow has Elasticsearch hosts: ["elk-alln-001:9200"] and Kibana hosts: ["elk-alln-001:5601"]", :backtrace=>["/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/config/modules_common.rb:108:in block in pipeline_configs'", "org/jruby/RubyArray.java:1792:in each'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/config/modules_common.rb:54:in pipeline_configs'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/config/source/modules.rb:14:in pipeline_configs'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/config/source_loader.rb:61:in block in fetch'", "org/jruby/RubyArray.java:2572:in collect'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/config/source_loader.rb:60:in fetch'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/agent.rb:148:in converge_state_and_update'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/agent.rb:96:in execute'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/runner.rb:367:in block in execute'", "/usr/local/Cellar/logstash/7.2.0/libexec/vendor/bundle/jruby/2.5.0/gems/stud-0.0.23/lib/stud/task.rb:24:in block in initialize'"]} [2019-07-23T15:55:09,462][ERROR][logstash.agent ] An exception happened when converging configuration {:exception=>RuntimeError, :message=>"Could not fetch the configuration, message: Failed to import module configurations to Elasticsearch and/or Kibana. Module: netflow has Elasticsearch hosts: [\"elk-alln-001:9200\"] and Kibana hosts: [\"elk-alln-001:5601\"]", :backtrace=>["/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/agent.rb:155:in converge_state_and_update'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/agent.rb:96:in execute'", "/usr/local/Cellar/logstash/7.2.0/libexec/logstash-core/lib/logstash/runner.rb:367:in block in execute'", "/usr/local/Cellar/logstash/7.2.0/libexec/vendor/bundle/jruby/2.5.0/gems/stud-0.0.23/lib/stud/task.rb:24:in `block in initialize'"]}
[2019-07-23T15:55:09,763][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2019-07-23T15:55:14,755][INFO ][logstash.runner ] Logstash shut down.
For all general issues, please provide the following details for fast resolution:
- Version: 7.2
- Operating System: (Mac OSX Homebrew)
- Config File (if you have sensitive info, please remove it): using CLI commands from https://www.elastic.co/guide/en/logstash/current/netflow-module.html#configuring-netflow
- Sample Data:
- Steps to Reproduce: Run logstash 7.2 using CLI (and point to Kibana/ES server using CLI): logstash --modules netflow --setup -M netflow.var.input.udp.port=9996 -M netflow.var.kibana.host="elk-alln-001:5601" -M netflow.var.elasticsearch.hosts="elk-alln-001:9200"