I'm trying to install a plugins for logstash 6.1.1. We have configured our f/w to NOT decrypt this traffic as it seems to break the plugin installs.
I installed logstash-filter-tld and logstash-filter-rest just fine. But then I can not install logstash-output-syslog.
First I tried this:
# /usr/share/logstash/bin/logstash-plugin install logstash-output-syslog
ERROR: Something went wrong when installing logstash-output-syslog, message: Socket closed
Then I tried downloading the zip from github and tried the below:
# /usr/share/logstash/bin/logstash-plugin install file:///opt/logstash-output-syslog-master.zip
Installing file: /opt/logstash-output-syslog-master.zip
ERROR: Invalid pack for: file:///opt/logstash-output-syslog-master.zip, reason: The pack must contains at least one plugin, message: The pack must contains at least one plugin
Multiple forum posts say this is not the way to install plugins so....
I tried the instructions here: https://www.elastic.co/guide/en/logstash/current/offline-plugins.html
using the configs from the 5.4.3 Logstash server I had running. When I tried to install the resulting file, this is response:
# /usr/share/logstash/bin/logstash-plugin install file:///opt/logstash-offline-plugins-5.6.7.zip
Installing file: /opt/logstash-offline-plugins-5.6.7.zip
ERROR: An error occured when installing the: file:///opt/logstash-offline-plugins-5.6.7.zip, to have more information about the error add a DEBUG=1 before running the command., message: You have requested:
logstash-codec-line = 3.0.8
The bundle currently has logstash-codec-line locked at 3.0.6.
Try running `bundle update logstash-codec-line`
googling "Socket Closed" returned no hits having to do with Logstash.
googling the bundle command didn't give any good instructions on how to run it.
This post: https://github.com/elastic/logstash/issues/3334 may apply, but it's not clear as there is no reference to running that exact command. Should I update all my plugins? Something else? I don't think I have a plugin called logstash-codec-line....
# /usr/share/logstash/bin/bundle update logstash-codec-line
-bash: /usr/share/logstash/bin/bundle: No such file or directory
# /usr/share/logstash/bin/logstash-bundle update logstash-codec-line
-bash: /usr/share/logstash/bin/logstash-bundle: No such file or directory
# locate bundle
doesn't turn up anything.
Suggestions?