I have been working on this project, and my logstash configuration file works fine. Now I am trying to implement the same thing on a system that is running opendistro/elk stack.
I have tried to fix most of the errors, but now I am receiving this and not sure how to proceed further
...
[INFO ] 2020-10-22 16:13:19.916 [[main]-pipeline-manager] elasticsearch - Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://admin:xxxxxx@localhost:9200/]}}
[WARN ] 2020-10-22 16:13:20.672 [[main]-pipeline-manager] elasticsearch - Restored connection to ES instance {:url=>"https://admin:xxxxxx@localhost:9200/"}
[INFO ] 2020-10-22 16:13:20.948 [[main]-pipeline-manager] elasticsearch - ES Output version determined {:es_version=>7}
[WARN ] 2020-10-22 16:13:20.953 [[main]-pipeline-manager] elasticsearch - Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
[INFO ] 2020-10-22 16:13:20.983 [[main]-pipeline-manager] elasticsearch - New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["https://localhost:9200"]}
[ERROR] 2020-10-22 16:13:21.250 [Converge PipelineAction::Create<main>] agent - Failed to execute action {:id=>:main, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action: PipelineAction::Create<main>, action_result: false", :backtrace=>nil}
[INFO ] 2020-10-22 16:13:21.629 [LogStash::Runner] runner - Logstash shut down.
Here's the output section of my config
output {
elasticsearch {
hosts => ["https://localhost:9200"]
index => "kcpvxbeattest-%{+YYYY.MM.dd}"
user => "admin"
password => "xxxxxx"
ssl => true
ssl_certificate_verification => false
manage_template => false
ilm_enabled => false
}
stdout {
codec => rubydebug
}
}