while trying to setup a test Logstash instance, i struggle to get it running.
The following error appears, viewable via journalctl:
ERROR: Failed to load settings file from "path.settings". Aborting... path.setting=/etc/logstash, exception=Java::OrgLogstashSecretStore::SecretStoreException::AccessException, message=>Can not access Logstash keystore at /etc/logstash/logstash.keystore. Please verify correct file permissions and keystore password.
I already went through the available topics here and other resources dealing with the same issue, which unfortunately did not help to resolve the issue.
The interesting aspect is that even when the keystore is password-less and with most open permissions, the error remains.
SSL communication to elasticsearch is intended, certs are in the correct place, relevant passwords are in the keystore and the logstash.yml is adjusted accordingly.
The most likely your OS and user accounts have restrictions.
The /etc/logstash/ is normally owned by root:root. Additionally, systemctl run LS as the "logstash" user which reads config path -> /etc/logstash/.
Check permissions on the config directory and logstash.keystore
If 1. doesn't work, test purpose set different user in: /usr/lib/systemd/system/logstash.service and run the service again.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.