Retryable error when running logstash config

Elastic Stack Logstash
1

Hello there

I'm new to ELk and playing around with diff logstash confg. While running the same, i see below error:

[ERROR] 2018-11-12 04:44:37.028 [[main]>worker1] elasticsearch - Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://localhost:9200/_bulk"}
[ERROR] 2018-11-12 04:44:38.166 [[main]>worker0] elasticsearch - Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://localhost:9200/_bulk"}
[ERROR] 2018-11-12 04:45:09.036 [[main]>worker1] elasticsearch - Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://localhost:9200/_bulk"}

What does the error mean? I couldn't find much on the forum regarding this 401 error. I have x-pack plugin installed now. Does it cause the issue ? Kindly help.

Thanks!

2

To add to the above, I'm running logstash 5.6.11. I wasn't getting this error before when i tried running the config probably two months ago. I'm shipping cloudltrail logs to ES and i could see them displayed on Kibana successfully. Post that, i recently installed X-pack and i guess the 401 is auth failure because of the x-pack? If yes, how do i fix it.

3

Probably you need to pass elasticsearch user and password that you may have already configured while installing X-pack.

output {
elasticsearch {

  hosts => ["localhost:9200"]
  user => "admin"
  password => "password"

 }
}
1 Like
4

Thank you Makra! That worked.

Regards

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.