RabbitMQ input plugin does not adhere to pipeline configuration

Hello,

I've been trying to use the rabbitMQ input plugin for logstash with the Cisco AMP API. More specifically, i want to connect to a stream and continuously listen for events and send that to our ELK stack.
However, i am having difficulties even getting logstash to apply the configuration correctly.

This is my very basic and only configuration file in /etc/logstash/conf.d/

input {
  rabbitmq {
    host => "export-streaming.eu.amp.cisco.com"
    user => "1123123123"
    password => "123123123123"
    queue => "event_stream_169"
    port => 443
    subscription_retry_interval_seconds => 5
  }
}

output {
  elasticsearch {
         hosts => ["https://logstash.asgard.local:9200"]
         user => logstash
         password => "logstash"
         ssl => true
         ssl_certificate_verification => false
         cacert => "/etc/logstash/root-ca.pem"
  }
  stdout { codec => rubydebug }
}

However i can see in the log that it tries to go to localhost:5672, it seems that some of my configuration files aren't applied?

Dec 04 15:35:38 lab01ubu logstash[12376]: [2018-12-04T15:35:38,618][ERROR][logstash.inputs.rabbitmq ] RabbitMQ connection error, will retry. {:error_message=>"Connection to localhost:5672 refused", :exception=>"MarchHare::ConnectionRe

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.