Logstash Node & Pipeline Stack-Monitoring 404 on Kibana

vishakh · July 9, 2020, 5:47am

I'm trying to access Logstash Node and Pipeline from Stack-Monitoring but receiving 404 Not Found

Below is the Kibana-Log when accessing logstash node-pipeline on kibana

{
  "type": "response",
  "@timestamp": "2020-07-09T04:59:29Z",
  "tags": [],
  "pid": 7759,
  "method": "get",
  "statusCode": 404,
  "req": {
    "url": "/logstash/node/5198186a-30ae-4c04-8e09-8b7f27172227?_g=%28cluster_uuid%3A%27-K9t60pMSAm8QupVHCmfEw%27%2CrefreshInterval%3A%28pause%3A%21f%2Cvalue%3A10000%29%2Ctime%3A%28from%3Anow-1h%2Cto%3Anow%29%29",
    "method": "get",
    "headers": {
      "host": "<kibana-address>",
      "x-real-ip": "<user-browser-address>",
      "x-forwarded-for": "<user-browser-address>",
      "x-forwarded-proto": "https",
      "connection": "close",
      "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0",
      "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
      "accept-language": "en-US,en;q=0.5",
      "accept-encoding": "gzip, deflate, br",
      "upgrade-insecure-requests": "1"
    },
    "remoteAddress": "127.0.0.1",
    "userAgent": "127.0.0.1"
  },
  "res": {
    "statusCode": 404,
    "responseTime": 28,
    "contentLength": 9
  },
  "message": "GET /logstash/node/5198186a-30ae-4c04-8e09-8b7f27172227?_g=%28cluster_uuid%3A%27-K9t60pMSAm8QupVHCmfEw%27%2CrefreshInterval%3A%28pause%3A%21f%2Cvalue%3A10000%29%2Ctime%3A%28from%3Anow-1h%2Cto%3Anow%29%29 404 28ms - 9.0B"
}

Can anyone please help me in resolving this error/issue

vishakh · July 9, 2020, 5:56am

Logstash.yml file for reference:


node.name: Logstash-1
path.data: /var/lib/logstash
config.reload.automatic: true
config.reload.interval: 10s
# ------------ HTTP API Settings -------------
# Define settings related to the HTTP API here.
#
# The HTTP API is enabled by default. It can be disabled, but features that rely
# on it will not work as intended.
# http.enabled: true
#
# By default, the HTTP API is bound to only the host's local loopback interface,
# ensuring that it is not accessible to the rest of the network. Because the API
# includes neither authentication nor authorization and has not been hardened or
# tested for use as a publicly-reachable API, binding to publicly accessible IPs
# should be avoided where possible.
#
http.host: 172.16.49.201
#
# The HTTP API web server will listen on an available port from the given range.
# Values can be specified as a single port (e.g., `9600`), or an inclusive range
# of ports (e.g., `9600-9700`).
#
http.port: 9600-9700

# ------------ Metrics Settings --------------
#
# Bind address for the metrics REST endpoint
#
http.host: 172.16.49.201
#
# Bind port for the metrics REST endpoint, this option also accept a range
# (9600-9700) and logstash will pick up the first available ports.
http.port: 9600-9700

# ------------ X-Pack Settings (not applicable for OSS build)--------------
# X-Pack Monitoring

xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: <password>
xpack.monitoring.elasticsearch.hosts: ["https://<elastcsearch>9200"]
xpack.monitoring.elasticsearch.ssl.certificate_authority: /etc/logstash/certs/ca.crt
xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
xpack.monitoring.elasticsearch.sniffing: false
xpack.monitoring.collection.interval: 10s
xpack.monitoring.collection.pipeline.details.enabled: true

# X-Pack Management
xpack.management.enabled: true
xpack.management.pipeline.id: ["FilebeatLogs", "PaloaltoLogs"]
xpack.management.elasticsearch.username: logstash_admin_user
xpack.management.elasticsearch.password: <password>
xpack.management.elasticsearch.hosts: ["https://<elastcsearch>9200"]
xpack.management.elasticsearch.ssl.certificate_authority: /etc/logstash/certs/ca.crt
xpack.management.elasticsearch.ssl.verification_mode: certificate
xpack.management.elasticsearch.sniffing: false
xpack.management.logstash.poll_interval: 5s

chrisronline · July 9, 2020, 12:40pm

See Page not found error in stack monitoring page

vishakh · July 9, 2020, 4:57pm

@chrisronline Thank You
Using " (https://localhost:5601**/app/monitoring#logstash/pipelines/) works where I'm able to access the pipeline.
May I know when we shall be getting the permanent patch on this issue? This is affecting our new production-deployment

chrisronline · July 9, 2020, 5:08pm

See https://github.com/elastic/kibana/pull/69861

vishakh · July 9, 2020, 6:28pm

Thank You @chrisronline for your timely response.
Can we please know when it'll be available for public-release?
If patch available publicly, What modules should we upgrade to resolve this issue ?

vishakh · July 10, 2020, 4:37pm

@chrisronline Just Checking: Do we have any update on the being available for public-release?

chrisronline · July 10, 2020, 4:49pm

We generally can't speak to timelines in terms of releases. It is scheduled to go out with 7.8.1 which is the soonest it will be available.

Badger · July 10, 2020, 5:41pm

If you look at the past schedule of logstash releases you can make your own prediction of how soon 7.8.1 might appear.

vishakh · July 10, 2020, 6:23pm

Thank You @chrisronline

system · August 7, 2020, 6:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.