堆栈内存溢出
  简体   繁体   English

logstash无法成功将数据发送到外部弹性搜索

[英]logstash doesn't succeed to send data to foreign elastic search

 原文  2014-06-12 17:00:27       elasticsearch/ host/ logstash

问题描述

Here is the error from logstash.err : 这是logstash.err的错误:

Faraday::ConnectionFailed: End of file reached call at /opt/logstash/vendor/bundle/jruby/1.9/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:44 build_response at /opt/logstash/vendor/bundle/jruby/1.9/gems/faraday-0.9.0/lib/faraday/rack_builder.rb:139 run_request at /opt/logstash/vendor/bundle/jruby/1.9/gems/faraday-0.9.0/lib/faraday/connection.rb:377 perform_request at /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/http/faraday.rb:24 call at org/jruby/RubyProc.java:271 perform_request at /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/base.rb:187 perform_request at /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/http/faraday.rb:20 perform_request at /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/client.rb:102 perform_request at /opt/logstash/v Faraday :: ConnectionFailed:在/opt/logstash/vendor/bundle/jruby/1.9/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:44 build_response位于/ opt / logstash / vendor / bundle / jruby / 1.9 / gems / faraday-0.9.0 / lib / faraday / rack_builder.rb:139 run_request位于/​​opt/logstash/vendor/bundle/jruby/1.9/gems/faraday-0.9.0/lib/ faraday / connection.rb:377 perform_request /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/http/faraday.rb:24在org打电话/jruby/RubyProc.java:271在/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/base.rb:187在/ opt处的perform_request /logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/transport/http/faraday.rb:20 perform_request位于/​​opt/logstash/vendor/bundle/jruby/1.9 /gems/elasticsearch-transport-1.0.1/lib/elasticsearch/transport/client.rb:102在/ opt / logstash / v上的perform_request endor/bundle/jruby/1.9/gems/elasticsearch-api-1.0.1/lib/elasticsearch/api/namespace/common.rb:21 get_template at /opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-api-1.0.1/lib/elasticsearch/api/actions/indices/get_template.rb:24 template_exists? endor / bundle / jruby / 1.9 / gems / elasticsearch-api-1.0.1 / lib / elasticsearch / api / namespace / common.rb:21 get_template位于/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch- api-1.0.1 / lib / elasticsearch / api / actions / indices / get_template.rb:24 template_exists? at /opt/logstash/lib/logstash/outputs/elasticsearch/protocol.rb:132 template_install at /opt/logstash/lib/logstash/outputs/elasticsearch/protocol.rb:21 register at /opt/logstash/lib/logstash/outputs/elasticsearch.rb:259 each at org/jruby/RubyArray.java:1613 outputworker at /opt/logstash/lib/logstash/pipeline.rb:220 start_outputs at /opt/logstash/lib/logstash/pipeline.rb:152 在/opt/logstash/lib/logstash/outputs/elasticsearch/protocol.rb:132 template_install在/opt/logstash/lib/logstash/outputs/elasticsearch/protocol.rb:21在/ opt / logstash / lib / logstash /中注册分别在org / jruby / RubyArray.java:1613处的output / elasticsearch.rb:259 /在/opt/logstash/lib/logstash/pipeline.16处的outputworker在:/opt/logstash/lib/logstash/pipeline.rb:152处的start_outputs

Here is my output config : 这是我的输出配置: 

output {
        elasticsearch { 
            host => "X.X.X.X"
            port => "9300"
            protocol => "http"
            cluster => "elasticsearch_david"
        }   
    }

No connection issue, any idea ? 没有连接问题,有什么想法吗?

Further investigations with tcpdump give : 使用tcpdump进行的进一步调查给出: 

GET /_template/logstash HTTP/1.1
User-Agent: Faraday v0.9.0
Accept-Encoding: gzip;q=1.0,deflate;q=0.6,identity;q=0.3
Accept: */*
Connection: close

2 个解决方案

解决方案1
 5 已采纳  2014-06-13 00:49:41

The issue is with mismatching port and protocol: 问题在于端口和协议不匹配: 

output {
        elasticsearch { 
            host => "X.X.X.X"
            port => "9300"
            protocol => "http"
            cluster => "elasticsearch_david"
        }   
    }

You have protocol set to "http" which would require port 9200 (the default port that ES uses for http requests) but have the port set to 9300 which is the port used for inter cluster communications, normally used with the "node" protocol. 您已将协议设置为“ http”,这将需要端口9200(ES用于http请求的默认端口),但已将端口设置为9300,这是用于集群间通信的端口,通常与“节点”协议一起使用。

Unfortunately the documentation is contradictory about the default for protocol: 不幸的是,该文档与协议的默认设置矛盾:

protocol 协议 

 Value can be any of: "node", "transport", "http" There is no default value for this setting.

Choose the protocol used to talk to Elasticsearch. 选择用于与Elasticsearch对话的协议。

The 'node' protocol will connect to the cluster as a normal Elasticsearch node (but will not store data). “节点”协议将作为普通的Elasticsearch节点连接到集群(但不会存储数据)。 This allows you to use things like multicast discovery. 这使您可以使用多播发现之类的功能。 If you use the node protocol, you must permit bidirectional communication on the port 9300 (or whichever port you have configured). 如果使用节点协议,则必须允许端口9300(或配置的任何端口)上的双向通信。

The 'transport' protocol will connect to the host you specify and will not show up as a 'node' in the Elasticsearch cluster. “传输”协议将连接到您指定的主机,并且不会在Elasticsearch集群中显示为“节点”。 This is useful in situations where you cannot permit connections outbound from the Elasticsearch cluster to this Logstash server. 在无法允许从Elasticsearch群集到该Logstash服务器的出站连接的情况下,这很有用。

The 'http' protocol will use the Elasticsearch REST/HTTP interface to talk to elasticsearch. “ http”协议将使用Elasticsearch REST / HTTP接口与elasticsearch对话。

All protocols will use bulk requests when talking to Elasticsearch. 与Elasticsearch交谈时,所有协议都将使用批量请求。

The default protocol setting under java/jruby is “node”. java / jruby下的默认协议设置为“ node”。 The default protocol on non-java rubies is “http” 非Java红宝石上的默认协议是“ http”

Your best bet is to set the protocol setting to one of "node", "http" or "transport" depending on what you want to do and let logstash set the appropriate port for you: 最好的选择是根据要执行的操作将协议设置设置为“节点”,“ http”或“传输”之一,然后让logstash为您设置适当的端口: 

output {
    elasticsearch { 
    host => "X.X.X.X"
    protocol => "http"
    cluster => "elasticsearch_david"
}

see http://logstash.net/docs/1.4.1/outputs/elasticsearch#protocol 参见http://logstash.net/docs/1.4.1/outputs/elasticsearch#protocol

解决方案2
 0  2014-06-12 22:25:28

It was due to bad configuration : solved by removing protocol and port 这是由于配置错误:通过删除协议和端口来解决的 

output {
    elasticsearch { 
    host => "X.X.X.X"
    cluster => "elasticsearch_david"
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Logstash不会将csv数据加载到弹性搜索 - Logstash doesn't load csv data to elastic search 无法使用logstash将数据发送到AWS弹性搜索实例 - Unable to send data to AWS elastic search instance using logstash logstash 可以将数据同时发送到多个位置以及弹性搜索 - can logstash send data simultaneusly to mulpile location along with elastic search Logstash 不向弹性搜索发送数据 - Logstash not sending data to elastic search Jenkins Logstash插件不会向Logstash发送数据 - Jenkins Logstash plugin doesn't send data to Logstash Logstash无法将输出发送到弹性搜索 - Logstash unable to send output to elastic search 弹性搜索聚合不返回数据 - elastic search aggregate doesn't return data 使用Python中的Logstash将数据导入Elastic Search - Import data into Elastic Search using Logstash in Python Logstash弹性搜索 - Logstash-Elastic search Logstash 不发送数据 - Logstash don't send data
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM