Logstash-output-elasticsearch-shield still available?

security

(Tim Dunphy) #1

I just tried installing the logstash-output-elasticsearch-shiled plugin, with no results:

#plugin install logstash-output-elasticsearch-shield --verbose
-> Installing logstash-output-elasticsearch-shield...
Trying https://github.com/null/logstash-output-elasticsearch-shield/archive/master.zip...
Failed: IOException[Can't get https://github.com/null/logstash-output-elasticsearch-shield/archive/master.zip to /usr/share/elasticsearch/plugins/logstash-output-elasticsearch-shield.zip]; nested: FileNotFoundException[https://github.com/null/logstash-output-elasticsearch-shield/archive/master.zip]; nested: FileNotFoundException[https://github.com/null/logstash-output-elasticsearch-shield/archive/master.zip];
Failed to install logstash-output-elasticsearch-shield, reason: failed to download out of all possible locations..., use --verbose to get detailed information

I also tried searching github for the plugin, with no luck. Is this plugin still available?


(Mark Walkom) #2

I don't think there ever was one?
Are you just sending to ES+Shield? If so use the standard ES output and set authentication there.


(Tim Dunphy) #3

I found that output in this documentation:

Logstash Output ES Shield

So maybe the docs need to be updated. :smile:

But yeah, I tried using the standard output. And I'm having some issues there. I write about that problem in another post.


(Mark Walkom) #4

Right, well I can be wrong at times :stuck_out_tongue:


(Tim Dunphy) #5

LOL :wink:


(Jay Modi) #6

I believe the documentation is correct. I didn't have any issues installing this logstash output in a fresh instance of logstash:

$ cd logstash-1.5.2
$ bin/plugin install logstash-output-elasticsearch-shield
Validating logstash-output-elasticsearch-shield
Installing logstash-output-elasticsearch-shield
Installation successful

What version of logstash did you run the install command from?


(Tim Dunphy) #7

Hey Jaymode,

Cool! Thanks for pointing that out. Seems there are two 'plugin' binaries, and I was using the wrong one!

[root@logs:~] #find / -name plugin -type f
/usr/share/elasticsearch/bin/plugin
/opt/logstash/bin/plugin

So I tried using the logstash plugin binary instead of the elasticsearch one, and it worked like a charm!

  [root@logs:~] #/opt/logstash/bin/plugin install logstash-output-elasticsearch-shield
Validating logstash-output-elasticsearch-shield
Installing logstash-output-elasticsearch-shield
Installation successful

I thank you for the advice! Well know that I have logstash working with ES+Shield, I may be content to stick with what I have. But I may use this at some point, as the documentation points out that its more efficient than HTTP mode.

Anyway, thanks again! And I definitely appreciate the tremendous helpfulness of this active community!


(Jay Modi) #8

That's great! I'm glad you were able to get it going.

We're aware of the plugin executable name clash and we're looking at folding the functionality into the elasticsearch command https://github.com/elastic/elasticsearch/issues/11797


(Tim Dunphy) #9

Hey man! Yeah I'm glad I got that sorted out too. And it makes sense to me to fold the functionality of both plugin commands into one. I was actually about to suggest it. Too confusing to have two commands with the same name service different purposes.

Thanks!


(system) #10