I'm able to connect to elasticsearch 6.8.23 with logstash 8.6.1 but when I connect to an SSL enabled elasticsearch (using signed CERTS), I get the 503 error unable to connect. My output config looks like this:
It works if I connect to a local, but when an SSL Es, I get a 503.
Sorry,
logstash version is: logstash-8.6.1
elasticsearch version is: elasticsearch-6.8.23
Both are able to work together. The only problem is when elasticsearch is enabled with SSL. I've tried using logstash 6.8.x to match and it also doesn't work with SSL-enabled. I am probably missing something very simple in my config file.
OK I matched the versions both to use 6.8.23 (elasticsearch and logstash)
Here's the error at startup
[2023-02-07T12:09:01,663][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elasticsearch-xxx.yyyy.com:443/]}}
[2023-02-07T12:09:02,246][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elasticsearch-xxx.yyyy.com:443/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :error=>"Got response code '503' contacting Elasticsearch at URL 'https://elasticsearch-xxx.yyyy.com:443/'"}
Do you have anything in front of your Elasticsearch? It normally uses port 9200, why are you using 443?
These are the only error log lines you have in your logs? It doesn't say anything about a certificate error, normally when you have certificate issues this is present in the logs.
it worked. My target host had only a single node running and therefore couldn't find the master. Once I started the second node, elasticsearch health went back to green. I wish the health of elasticsearch would display on the root page instead of /_cat/health.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.