Shield w/ Logstash Offline Install

Mrc0113 · July 7, 2015, 6:23pm

Hi,

I am installing ELK on a network that does not have internet access and am following the instructions at the link below to get Logstash to work with Shield enabled. However, it seems that the instructions require internet access.
Link: https://www.elastic.co/guide/en/shield/current/logstash.html

How can I install the "logstash-output-elasticsearch-shield" logstash plugin without internet access?

root@hostname logstash]# bin/plugin install logstash-output-elasticsearch-shield
Validating logstash-output-elasticsearch-shield
Unable to download data from https://rubygems.org/ - SocketError: Network is unreachable (https://api.rubygems.org/latest_specs.4.8.gz)
ERROR: Installation aborted, verification failed for logstash-output-elasticsearch-shield

Thanks!

Paul_Echeverri · July 7, 2015, 7:14pm

Hi!

This worked locally, so with the caveat that I haven't tested the installation to verify it's up and running, it might be worth trying:

On a machine with Internet access, execute curl -L -o logstash-output-elasticsearch-shield-1.0.0.gem https://rubygems.org/downloads/logstash-output-elasticsearch-shield-1.0.0.gem
Transfer the downloaded logstash-output-elasticsearch-shield-1.0.0.gem file to the machine that doesn't have Internet access
On the target machine, execute bin/plugin install ./logstash-output-elasticsearch-shield-1.0.0.gem

Please let me know if this helps!

Paul E
Sr. Technical Writer, Elastic

Mrc0113 · July 7, 2015, 8:50pm

Paul,

Thanks for the response. I downloaded the gem file but when I went to install it I got the following error:

    [root@hostname media]# /opt/logstash/bin/plugin install /root/elk_artifacts/media/logstash-output-elasticsearch-shield-1.0.0.gem
Validating /root/elk_artifacts/media/logstash-output-elasticsearch-shield-1.0.0.gem
Installing logstash-output-elasticsearch-shield
Error Bundler::HTTPError, retrying 1/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 2/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 3/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 4/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 5/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 6/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 7/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 8/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 9/10
Could not fetch specs from https://rubygems.org/
Error Bundler::HTTPError, retrying 10/10
Could not fetch specs from https://rubygems.org/
Too many retries, aborting, caused by Bundler::HTTPError
ERROR: Installation Aborted, message: Could not fetch specs from https://rubygems.org/

Paul_Echeverri · July 7, 2015, 10:38pm

I'm afraid that it looks like you've run into an issue with offline installation; we're opening an issue internally to track it. I'll update you as I know more.

Mrc0113 · July 7, 2015, 10:54pm

Thanks Paul!

Paul_Echeverri · July 8, 2015, 12:07am

You can track this issue on our Logstash Github repo: https://github.com/elastic/logstash/issues/3571