Logstash won't forward to Elasticsearch via output plugin

james_mtl · June 15, 2018, 7:57pm

I am trying to modify an existing ELK configuration. Logs are being sent to Logstash via syslog and then forwarded to an Elasticsearch cluster.

I am trying to switch our Elasticsearch endpoints to AWS' ES service. I have modified the existing logstash.conf. AWS is not seeing new data being sent. When I revert the previous configuration the old Elasticsearch servers are not receiving data any more either and nothing is being written to the log file. I am not able to find anything useful here.

I installed logstash-output-amazon_es output plugin. I used sudo to install the plugin.. My best guess is that it screwed up permissions. Honestly I'm really stuck troubleshooting this problem as I have no logs to look at. What is going on here?

warkolm · June 15, 2018, 8:34pm

Sounds like something with the AWS specific output plugin.

But I don't think anyone here has knowledge on that one sorry, you may need to try the AWS forums.

james_mtl · June 18, 2018, 3:52pm

The issue was related to the permissions.

Additionally, I needed to create an IAM Role and EC2 Instance Profile.

system · July 16, 2018, 3:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch output plugin does not write to elasticsearch Logstash	11	7919	October 25, 2017
Logstash Output to ES hosted on AWS, authentication not working Logstash	3	450	February 13, 2019
Logstash not pushing logs to elasticsearch in aws Elasticsearch	2	286	July 21, 2020
Amazon_es output not signing? Logstash	3	942	February 18, 2017
Logstash output to es Logstash	5	663	March 23, 2018

Logstash won't forward to Elasticsearch via output plugin

Related Topics