3

I am using the AWS Elasticsearch service to configure an Elasticsearch cluster, and there is a separate server where I have installed Logstash 2.1.0.

Here is my sample Logstash configuration file:

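input {
  file {
    path => "/var/log/httpd/access_log"
    type => "apache-access"
    # Read the file from the start the first time it is seen
    start_position => "beginning"
  }
}
filter {
  if [type] == "apache-access" {
    # Parse Apache combined-format access log lines into fields
    grok {
      match => [ "message", "%{COMBINEDAPACHELOG}" ]
    }
  }
}
output {
  elasticsearch {
    # AWS Elasticsearch endpoint, reached over HTTPS on port 443
    hosts => "xxxx-yyyy-oul45pxbkudcpzz7w7l5222od4.us-east-1.es.amazonaws.com:443"
    ssl => "true"
    # Do not let Logstash install its own index template
    manage_template => false
  }
}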

I cannot see any indices in AWS Elasticsearch. I am not sure if I am missing something. The configuration seems to be plain and simple. Also, there is no log generated on the Logstash server.

When I issue the command /bin/logstash -f 01-logstash.conf it gives me proper output. It seems Logstash is working but not sending data to the AWS Elasticsearch cluster.

gWaldo

1 Answer

4

Assuming your Elasticsearch service is running on port 443, you need to specify the keystore path of Elasticsearch along with a password. Check this link for all available options for the Logstash elasticsearch output.

PS: Make sure the Elasticsearch service is accessible from your Logstash machine. Confirm using telnet from Logstash to Elasticsearch.
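
A staged version of the connectivity check suggested in the answer, as an added example that is not part of the original post: it tests TCP reachability (what telnet shows), then the TLS handshake with certificate verification, then asks Elasticsearch for its index list via `/_cat/indices`. The function name `check_endpoint`, the script name `check_es.py` and the result keys are assumptions made for this example; run it from the Logstash machine with your own endpoint hostname.

```python
import http.client
import socket
import ssl
import sys

def check_endpoint(host, port=443, timeout=5.0):
    """Report how far a connection to the cluster endpoint gets."""
    result = {"tcp": False, "tls": False, "http_status": None,
              "indices": None, "error": None}
    # Stage 1: plain TCP connect, the same thing the telnet test proves.
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        result["error"] = "tcp: %s" % exc
        return result
    result["tcp"] = True
    # Stage 2: TLS handshake with certificate and hostname verification on.
    ctx = ssl.create_default_context()
    try:
        ctx.wrap_socket(sock, server_hostname=host).close()
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        sock.close()
        result["error"] = "tls: %s" % exc
        return result
    result["tls"] = True
    # Stage 3: ask Elasticsearch which indices exist (GET /_cat/indices).
    conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    try:
        conn.request("GET", "/_cat/indices?v")
        resp = conn.getresponse()
        body = resp.read().decode("utf-8", "replace")
        result["http_status"] = resp.status
        if resp.status == 200:
            result["indices"] = body
        else:
            # The service answered but rejected the request.
            result["error"] = "http: %d %s" % (resp.status, body[:200])
    except (OSError, http.client.HTTPException) as exc:
        result["error"] = "http: %s" % exc
    finally:
        conn.close()
    return result

if __name__ == "__main__":
    # Usage: python check_es.py <endpoint-hostname> [port]
    if len(sys.argv) > 1:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
        for key, value in check_endpoint(sys.argv[1], port).items():
            print("%-12s %s" % (key, value))
    else:
        print("usage: check_es.py <endpoint-hostname> [port]")
```

The first stage that reports `False` or a non-200 status shows where delivery stops: network path, TLS trust, or the service rejecting the request.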