using docker-compose I´m able to start and monitor my logstash instance with this environment settings:
- XPACK_SECURITY_ENABLED=true - XPACK.MONITORING.ENABLED=true - XPACK.MONITORING.ELASTICSEARCH.HOSTS=["https://192.168.178.100:9200"] - XPACK.MONITORING.ELASTICSEARCH.USERNAME=logstash_system - XPACK.MONITORING.ELASTICSEARCH.PASSWORD=*** - XPACK.MONITORING.ELASTICSEARCH.SSL.CERTIFICATE_AUTHORITY=/usr/share/logstash/certs/ca/ca.crt - XPACK.MONITORING.ELASTICSEARCH.SSL.VERIFICATION_MODE=certificate
I can see the the logstash in kibana/monitoring. But enabling the central pipeline management feature breaks the monitoring (the management works). This is the additional environment variables causing the trouble:
- XPACK.MANAGEMENT.ENABLED=true - XPACK.MANAGEMENT.ELASTICSEARCH.HOSTS=["https://192.168.178.100:9200"] - XPACK.MANAGEMENT.ELASTICSEARCH.USERNAME=logstash_user - XPACK.MANAGEMENT.ELASTICSEARCH.PASSWORD=*** - XPACK.MANAGEMENT.ELASTICSEARCH.SSL.CERTIFICATE_AUTHORITY=/usr/share/logstash/certs/ca/ca.crt - XPACK.MANAGEMENT.ELASTICSEARCH.SSL.VERIFICATION_MODE=certificate - XPACK.MANAGEMENT.PIPELINE.ID=["test_cpm", "test", "beats"] - XPACK.MANAGEMENT.LOGSTASH.POLL_INTERVAL=10s
I have already tried to use logstash_user for both, management and monitoring by granting
to logstash_writer role. Also tried logstash_system as "run as" for logstash_user. no success so far... Any hints?
It seems to me, that using different credentials for monitoring and management pointing to the very same elastic instances leads to this error - is this plausible? Can logstash handle just one user/pass for one ES-Connection?
BTW: I´ve followed the docs closely, and everything is working but the described "monitor vs. management" collision... I can have one or another, but not both at the same time...