I'm attempting to set up Logstash to communicate with ES over SSL. It's failing with a very opaque error -- no error message; only a stack trace:
[2019-09-21T18:51:12,494][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.3.2"}
[2019-09-21T18:51:14,005][INFO ][org.reflections.Reflections] Reflections took 44 ms to scan 1 urls, producing 19 keys and 39 values
[2019-09-21T18:51:14,965][ERROR][logstash.javapipeline ] java.lib.manticore.client.pool_builder(/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.6.4-java/lib/manticore/client.rb:397)", "usr.share.logstash.vendor.bundle.jruby.$2_dot_5_dot_0.gems.manticore_minus_0_dot_6_dot_4_minus_java.lib.manticore.client.RUBY$method$pool_builder$0$__VARARGS__(usr/share/logstash/vendor/bundle/jruby/$2_dot_5_dot_0/gems/manticore_minus_0_dot_6_dot_4_minus_java/lib/manticore//usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.6.4-java/lib/manticore/client.rb)", <...SNIP...>
[2019-09-21T18:51:14,995][ERROR][logstash.agent ] Failed to execute action {:id=>:main, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action: PipelineAction::Create
<main>, action_result: false", :backtrace=>nil}
(I had to snip the full stacktrace because posts are limited to 7000 characters; here's the full one.)
Has anyone come across this before? Or is there maybe someone familiar with Logstash's codebase who can sense what type of thing is causing this error?
Here's my pipeline configuration:
input {
beats {
port => 5044
}
}
output {
elasticsearch {
hosts => "https://localhost:9200"
manage_template => false
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
user => logstash_internal
password => <my password>
cacert => "/etc/logstash/elastic-stack-ca.pem"
}
}
My logstash.yml
is unchanged from the default.
And finally, my ES security configuration:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: localhost.p12
xpack.security.http.ssl.truststore.path: localhost.p12
discovery.type: single-node