Unable to connect local kibana to remote elasticsearch running in AWS VPC

Elastic Stack Elasticsearch
1

Hi,

I am running elasticsearch in vpc using amazon elasticsearch service. I used the following article to access elasticsearch locally.

Using the article, I am able to access ES using https://localhost:9200 using curl -k. But I want to see the data through kibana which is running locally.
I tweaked the following properties in my local kibana.yml:

elasticsearch.url: "https://localhost:9200"
elasticsearch.ssl.certificateAuthorities: "path to pem file"
elasticsearch.ssl.verificationMode: none

Still kibana is not able to detect elasticsearch. Is there any way to access data through kibana? Which properties are needed to change for that?

Thanks

2

If Kibana is running locally it can not access to localhost:9200. You need to change that to the public address of your elasticsearch instance I guess.

BTW did you look at https://www.elastic.co/cloud and https://aws.amazon.com/marketplace/pp/B01N6YCISK ?

Cloud by elastic is one way to have access to all features, all managed by us. Think about what is there yet like Security, Monitoring, Reporting, SQL, Canvas, APM, Logs UI, Infra UI and what is coming next :slight_smile: ...

3

Why aren't you sharing the Kibana logs with the errors?
Which Kibana is it, the default distribution or the OSS distribution?
OSS VS. default

In pure unverified theory your setup could work because you have the verification_mode: none for SSL as the certificate won't match. (The pem is superfluous in my opinion)
But AWS expect you'll use their managed Kibana that comes with the AWS ES Service so it's possible something doesn't work but without the Kibana logs you're not sharing enough information.

Why are you trying to connect a local Kibana to AWS ES instead of using the AWS ES Kibana? What's wrong or not working with the one that comes with the AWS service?

I'd also recommend using the Elastic Cloud or installing a licensed default distribution of Elastic on EC2 or ECS to have more features.

P.S.
@dadoonet , his localhost:9200 is a tunnel to his AWS ES endpoint located in his AWS VPC. Which explains the "connect to a remote endpoint through localhost" apparent lack of logic. Like if ES was in another VLAN you could only access through SSH tunnel via a jump server.

1 Like
4

So, If I want to use aws kibana, I have to do ssh tunnel like I did for elasticsearch?

5

Never mind, I am able to connect to kibana in aws. It was simple. I just had to go to https://localhost:9200/_plugin/kibana.
Thanks for the reply btw.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.