堆栈内存溢出
  繁体   English   中英

logstash不将日志推送到AWS Elasticsearch

[英]logstash not pushing logs to AWS Elasticsearch

 原文  2018-07-06 05:49:57       elasticsearch/ logstash

问题描述

我试图将日志从logstash推送到elasticsearch,但是失败了。 这是我的logstash.conf文件: 

input {
            file {
                    path => "D:/shweta/ELK_poc/test3.txt"
                    start_position => "beginning"
                    sincedb_path => "NUL"
                    ignore_older => 0
                }}

    output {
        elasticsearch {
            hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com" ]
            index => "testindex4-5july"
            document_type => "test-file"
        }
    }

我在主机中提供的ES端点是open,因此不应出现访问问题,但仍会出现以下错误: 

_[2018-07-05T13:59:05,753][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/, :path=>"/"}_
_[2018-07-05T13:59:05,769][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:9200/][Manticore::ResolutionFailure] This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server (search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com)"}_

我被困在这里。 但是,当我下载ES并将其安装到我的计算机中并在本地运行时,在输出中将hosts => [ "localhost:9200" ]替换为: hosts => [ "localhost:9200" ] ,它可以很好地将数据推送到本地es:

我尝试了很多方法,但无法解决问题,任何人都可以帮忙。 我不想提供本地主机,但要提供AWS ES域终端节点。 任何提示或线索将不胜感激

在此先感谢Shweta

1 个解决方案

解决方案1
 1  2018-07-06 06:06:03

我认为,您只需要显式添加端口443,它就可以工作。 我认为,如果未明确指定端口elasticsearch输出插件会自动使用端口9200 

    elasticsearch {
        hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com:443" ]
        index => "testindex4-5july"
        document_type => "test-file"
    }

另一种选择是不添加端口,而是指定ssl => true ,如官方AWS ES文档中所述 

    elasticsearch {
        hosts => [ "https://search-test-domain2-2msy6ufh2vl2ztfulhrtoat6hu.us-west-2.es.amazonaws.com" ]
        index => "testindex4-5july"
        document_type => "test-file"
        ssl => true
    }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在Kubernetes上安装Logstash并将日志发送到AWS ElasticSearch 使用基于日志级别的logstash在Elasticsearch中将Log分离并推送到不同索引中 Filebeat没有将日志推送到Elasticsearch Logstash无法将日志放入elasticsearch 通过 Logstash - Grok - ElasticSearch 标记日志 将logstash日志直接发送到elasticsearch 读取 Logstash 日志但不会推送到 elasticsearch Logstash 管道推送数据而不将其转换为 Elasticsearch 将日志发送到 AWS ElasticSearch 使用 terraform 升级 AWS elasticsearch 和 logstash
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM