Hi All,
I've setup shield on elasticsearch, kibana and logstash.
elasticseach and kibana are fine. But, I got the following error for logstash receiving events.
"error"=>{"type"=>"index_not_found_exception", "reason"=>"no such index", "index"=>"logstash.apache-2016.06.26", "resource.type"=>"index_expression", "resource.id"=>"logstash.apache-2016.06.26"}
If I manually create the indice logstash.apache-2016.06.26 using account logstash, it just works fine.
So, did I miss something?
elasticsearch {
hosts => ["https://localhost:9200"]
user => "logstash"
password => "logstash"
ssl => true
ssl_certificate_verification => false
cacert => '/appl/erp/elastic/elasticsearch-2.3.3/config/shield/rootCA.pem'
index => "logstash.%{type}-%{+YYYY.MM.dd}"
}
Regards,
fung