I try to set up a password protected Logstash keystore. It works when I run Logstash from the command line (as root, with set environment variable for the keystore), but when running as a systemd service (installed from deb package) it fails with:
Jul 31 14:00:06 my-server01 logstash[7380]: [2019-07-31T14:00:06,606][ERROR][logstash.config.sourceloader] Could not fetch all the sources {:exception=>LogStash::ConfigLoadingError, :message=>"The following config files contains non-ascii characters but are not UTF-8 encoded ["/etc/logstash/logstash.keystore"]", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/config/source/local.rb:83:in `read'", "/usr/share/logstash/logstash-core/lib/logstash/config/source/local.rb:94:in `read'", "/usr/share/logstash/logstash-core/lib/logstash/config/source/local.rb:190:in `local_pipeline_configs'", "/usr/share/logstash/logstash-core/lib/logstash/config/source/local.rb:161:in `pipeline_configs'", "/usr/share/logstash/logstash-core/lib/logstash/config/source_loader.rb:61:in `block in fetch'", "org/jruby/RubyArray.java:2572:in `collect'", "/usr/share/logstash/logstash-core/lib/logstash/config/source_loader.rb:60:in `fetch'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:148:in `converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:96:in `execute'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:367:in `block in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/stud-0.0.23/lib/stud/task.rb:24:in `block in initialize'"]}
Jul 31 14:00:06 my-server01 logstash[7380]: [2019-07-31T14:00:06,615][ERROR][logstash.agent ] An exception happened when converging configuration {:exception=>RuntimeError, :message=>"Could not fetch the configuration, message: The following config files contains non-ascii characters but are not UTF-8 encoded ["/etc/logstash/logstash.keystore"]", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/agent.rb:155:in
converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:96:in
execute'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:367:inblock in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/stud-0.0.23/lib/stud/task.rb:24:in
block in initialize'"]}
I created the keystore this way:
- Created file /etc/sysconfig/logstash, owner root, permissions 600, with content:
LOGSTASH_KEYSTORE_PASS=mypassword
- On terminal as root:
set +o history
export LOGSTASH_KEYSTORE_PASS=mypassword
set -o history
sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash create - Add Elasticsearch password:
sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash add ES_PWD