After updating ELK stack from 7.4.2 to 7.5.2 lumberjack communication stopped working appropriately. Other kind of communications still works (i.e syslog). A simplified overview of my architecture:
subsidiary_beat’s à subsidiary_logstash à Internet à holding_logstash à holding_elasticsearch
Other kind of communications still works appropriately. For instance, on subsidiary_logstash I deployed an agent that fetches events from a cloud provider and forwards it through syslog to honding_logstash.
- First I updated Elasticsearch, then Kibana, finally Logstash;
- Before the update I did not have any issues with lumberjack or any kind of event/communication;
- Subsidiary_logstash OS is Ubuntu server 18.04
- Holding_logstash OS is Oracle Linux 7.7
- All logstash OS are updated;
- Those logstash do not run over/on docker
- I did an fresh installation of holding_logstash and still no success;
The annoying and disturbing error message displayed in holding_logstash is:
"[2020-01-28T16:04:40,847][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:8043, remote: 10.53.0.1:1988] Handling exception: javax.net.ssl.SSLHandshakeException: error:100000b8:SSL routines:OPENSSL_internal:NO_SHARED_CIPHER"