问题描述
我正在使用Logstash和Elasticsearch版本5.6.5。到目前为止,使用了带有HTTP协议的elasticsearch输出,没有认证。现在,Elasticsearch使用基本身份验证(用户/密码)和CA认证的HTTPS URL进行保护。我对elasticsearch服务器没有任何控制权。我只是用它从Logstash输出。
I am using Logstash and Elasticsearch versions 5.6.5. So far used elasticsearch output with HTTP protocol and no authentication. Now Elasticsearch is being secured using basic authentication (user/password) and CA certified HTTPS URL. I don't have any control over the elasticsearch server. I just use it to output to from Logstash.
现在,当我尝试使用基本身份验证配置elasticsearch的HTTPS URL时,它无法创建管道。
Now when I try to configure the HTTPS URL of elasticsearch with basic authentication, it fails to create the pipeline.
输出配置
output {
elasticsearch {
hosts => ["https://myeslasticsearch.server.io"]
user => "esusername"
password => "espassword"
ssl => true
}
}
错误
1. Error registering plugin {:plugin=>"#<LogStash::OutputDelegator:0x50aa9200
2. Pipeline aborted due to error {:exception=>#<URI::InvalidComponentError: bad component(expected user component):
如何解决这个问题?
我注意到有一个名为 cacert
的字段需要一些PEM文件。但我不知道该放什么因为Elasticsearch服务器使用CA认证的SSL而不是自签名的SSL。
How to fix this?I notice that there is a field called cacert
which requires some PEM file. But I am not sure what to put there since the Elasticsearch server is using a CA certified SSL not a self-signed one.
附加问题:我没有安装任何xpack。是否需要'xpack'从Logstash购买到Elasticsearch的HTTPS输出?
Addtional question: I don't have any xpack installed. Is 'xpack' required to be purchased for HTTPS output to Elasticsearch from Logstash?
推荐答案
我找到了问题的根本原因。有三件事要做修复:
I found the root cause of the issue. There were three things to fix:
-
我测试的logstash版本是错误的5.5.0。我下载了正确的版本以匹配Elas ticsearch版本5.6.5。
The logstash version I tested with was wrong 5.5.0. I downloaded the correct version to match with Elasticsearch Version 5.6.5.
我使用的主机在443端口上运行。当我没有在logstash下面指定端口时附加了9200,因为连接失败了。
The host I used was running on 443 port. When I didn't specify the port as below logstash appended 9200 with it, due to which the connection failed.
hosts => ['https://my.es.server.com']
以下配置更正了logstash使用的端口。
Below configuration corrected the port used by logstash.
hosts => ['https://my.es.server.com:443']
我缺少代理连接设置。
proxy => 'http://my.proxy.com:80'
整体设置工作。
output {
elasticsearch {
hosts => ['https://my.es.server.com:443']
user => 'esusername'
password => 'espassword'
proxy => 'http://my.proxy:80'
index => "my-index-%{+YYYY.MM.dd}"
}
}
不需要'ssl'字段。
No need for 'ssl' field.
此 不需要'xpack'安装。
这篇关于如何将Logstash输出验证到安全的Elasticsearch URL(版本5.6.5)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!