LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://localhost:9200/]

Shahnaz_Shariff · February 6, 2018, 3:39pm

I installed x-pack on elasticsearch, kibana, and logstash.

Elasticsearch.yml

bootstrap.memory_lock: true
transport.host: localhost
transport.tcp.port: 9300
network.host: 0.0.0.0
http.port: 9200
xpack.ssl.keystore.path: certs/elastic-certificates.p12
xpack.ssl.truststore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate

Kibana.yml

server.port:5601
server.host: xx.xx.xx.xx
elasticsearch.url: "http://xx.xx.xx.xx:9200/"
elasticsearch.requestTimeout: 90000`
elasticsearch.username: "kibana"
elasticsearch.password: <pwd_generated>

Logstash.yml

pipeline.workers: 4
pipeline.batch.size: 5
pipeline.batch.delay: 300
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.url: http://xx.xx.xx.xx:9200/
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: <pwd_generated>

Logstash config file:

input { stdin { codec => plain { charset => "ISO-8859-1" } } }

filter { }

output {
  elasticsearch {
        hosts => ["http://xx.xx.xx.xx:9200"]
        user => "elastic"
        password => <modified_pwd>
         }
  stdout { codec => rubydebug }
}

With this setting, I started elasticsearch, kibana, and logstash. Data was written into the index for about 10 mins and then it starts throwing this error:

[2018-02-05T23:20:02,277][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://localhost:9200/, :path=>"/"}
[2018-02-05T23:20:02,280][WARN ][logstash.licensechecker.licensereader] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://localhost:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://localhost:9200/][Manticore::SocketException] Connection refused (Connection refused)"}

Any help will be appreciated! Thanks!

codetrane · February 6, 2018, 4:54pm

Hi, I am just guessing since I am not sure what's your real set up, but I am seeing you have these 2 configs. Have you tried to use the IP instead?.

TimV · February 7, 2018, 12:21am

That error looks like it's coming from Logstash monitoring.
Trying configuring xpack.monitoring.elasticsearch.url (as well as .username and .password)

Configuring Monitoring for Logstash Nodes | Logstash Reference [6.1] | Elastic

ryext · February 21, 2018, 8:25am

i have the same issue.
but my elastic search is on localhost:9200
i creater the itenral user gave it the writter role added it to the .conf
and to the logstash.yml i added the logstash_system which i previously set a password for.

system · March 21, 2018, 8:25am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.