Hello,
Does anyone know the cause of this error?
Could not fetch all the sources {:exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :message=>"Got response code '403' contacting Elasticsearch at URL 'http://elasticsearch:9200/.logstash/doc/_mget'"
I am running in a docker container with x-pack plugin installed and configured to use the logstash_system user after setting the password using the util on ES.
thanks!!
The logstash_system account is created as a reserved account when you install X-pack to use with logstash monitoring. It is not meant to be used to write data to Elastic with.
You will need to create a separate account such as the logstash_internal account to use with your logstash pipelines as described here:
https://www.elastic.co/guide/en/logstash/current/ls-security.html
dang it! I was so close - I had a new user created it and only gave it logstash related roles - not index related security roles.
thanks!
considered solved.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.