logstash不将日志推送到AWS Elasticsearch
[英]logstash not pushing logs to AWS Elasticsearch
问题描述
I am trying to push my logs from logstash to elasticsearch but its failing. 
我试图将日志从logstash推送到elasticsearch,但是失败了。 here is my logstash.conf file : 这是我的logstash.conf文件:
input {
file {
path => "D:/shweta/ELK_poc/test3.txt"
start_position => "beginning"
sincedb_path => "NUL"
ignore_older => 0
}}
output {
elasticsearch {
hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com" ]
index => "testindex4-5july"
document_type => "test-file"
}
}
The ES endpoint that i have provided in hosts is open , so there should not be an access isssue, but it still gives following error: 我在主机中提供的ES端点是open,因此不应出现访问问题,但仍会出现以下错误:
_[2018-07-05T13:59:05,753][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/, :path=>"/"}_
_[2018-07-05T13:59:05,769][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/][Manticore::ResolutionFailure] This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server (search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com)"}_
I am stuck here. 我被困在这里。 But when i downloaded ES and installed it in my machine and ran it locally , replacing hosts with: hosts => [ "localhost:9200" ] ,in output , it worked all good pushing data to local es: 但是,当我下载ES并将其安装到我的计算机中并在本地运行时,在输出中将hosts => [ "localhost:9200" ]替换为: hosts => [ "localhost:9200" ] ,它可以很好地将数据推送到本地es:
I tried a lot of ways but not able to resolve the issue , can anyone please help. 我尝试了很多方法,但无法解决问题,任何人都可以帮忙。 I don't want to give localhost but AWS ES domain endpoint. 我不想提供本地主机,但要提供AWS ES域终端节点。 Any hints or leads will be highly appreciated 任何提示或线索将不胜感激
Thanks in advance Shweta 在此先感谢Shweta
1 个解决方案
解决方案1
1 2018-07-06 06:06:03
In my opinion, you simply need to explicitly add the port 443 and it will work. 我认为,您只需要显式添加端口443,它就可以工作。 I think the elasticsearch output plugin automatically uses port 9200 if no port is explicitly given. 我认为,如果未明确指定端口 , elasticsearch输出插件会自动使用端口9200 。
elasticsearch {
hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:443" ]
index => "testindex4-5july"
document_type => "test-file"
}
An alternative would be to not add the port but specify ssl => true as depicted in the official AWS ES docs 另一种选择是不添加端口,而是指定ssl => true ,如官方AWS ES文档中所述
elasticsearch {
hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com" ]
index => "testindex4-5july"
document_type => "test-file"
ssl => true
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.