Trying to connect Logstash to Elastic Cloud but getting error 400. My Logstash config is below, any help appreciated.
input {
tcp {
port => 9600
}
}
filter {
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp}
%{SYSLOGHOST:syslog_hostname}
%{DATA:syslog_program}(?:[%{POSINT:syslog_pid}])?:
%{GREEDYDATA:syslog_message}" }
}
}
output {
elasticsearch {
hosts => [ "https://$our_elastic_url.aws.found.io:9243" ]
user => "elastic"
password=> "$password"
}
}
Logtash Error
[WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elastic:xxxxxx@$our_elastic_url.us-east-1.aws.found.io:9243/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :error=>"Got response code '400' contacting Elasticsearch at URL 'https://$our_elastic_url.us-east-1.aws.found.io:9243/'"}