Logstash won't forward to Elasticsearch via output plugin

james_mtl · June 15, 2018, 7:57pm

I am trying to modify an existing ELK configuration. Logs are being sent to Logstash via syslog and then forwarded to an Elasticsearch cluster.

I am trying to switch our Elasticsearch endpoints to AWS' ES service. I have modified the existing logstash.conf. AWS is not seeing new data being sent. When I revert the previous configuration the old Elasticsearch servers are not receiving data any more either and nothing is being written to the log file. I am not able to find anything useful here.

I installed logstash-output-amazon_es output plugin. I used sudo to install the plugin.. My best guess is that it screwed up permissions. Honestly I'm really stuck troubleshooting this problem as I have no logs to look at. What is going on here?

warkolm · June 15, 2018, 8:34pm

Sounds like something with the AWS specific output plugin.

But I don't think anyone here has knowledge on that one sorry, you may need to try the AWS forums.

james_mtl · June 18, 2018, 3:52pm

The issue was related to the permissions.

Additionally, I needed to create an IAM Role and EC2 Instance Profile.

system · July 16, 2018, 3:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash intergation with AWS Elasticsearch Logstash	3	5826	July 6, 2017
Elasticsearch output plugin does not write to elasticsearch Logstash	11	7929	October 25, 2017
Logstash Output to ES hosted on AWS, authentication not working Logstash	3	450	February 13, 2019
Logstash not pushing logs to elasticsearch in aws Elasticsearch	2	286	July 21, 2020
Amazon_es output not signing? Logstash	3	942	February 18, 2017

Logstash won't forward to Elasticsearch via output plugin

Related topics