Linux f36f76d13a8f 5.15.0-122-generic #132~20.04.1-Ubuntu SMP Fri Aug 30 15:50:07 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
What happened?
The plugin works when connecting to Elasticsearch using HTTP or with a fully configured HTTPS SSL connection, but when I try to run it with ssl_verification_mode set to none for a HTTPS configured Elasticsearch, the pre-flight check fails with the following traceback (replacing internal uri with placeholders):
[2024-09-26T14:42:54,210][ERROR][co.elastic.logstash.filters.elasticintegration.PreflightCheck][events_pipeline] Exception checking serverless: Host name '<SERVICE NAME>' does not match the certificate subject provided by the peer (CN=<INTERNAL SERVICE NAME>, OU=<ORG NAME>)
[2024-09-26T14:42:54,214][ERROR][logstash.javapipeline ][events_pipeline] Pipeline error {:pipeline_id=>"events_pipeline", :exception=>#<LogStash::ConfigurationError: Preflight check failed: Host name '<SERVICE NAME>' does not match the certificate subject provided by the peer (CN=<INTERNAL SERVICE NAME>, OU=<ORG NAME>)>, :backtrace=>["/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-filter-elastic_integration-0.1.13-java/lib/logstash/filters/elastic_integration.rb:302:in raise_config_error!'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-filter-elastic_integration-0.1.13-java/lib/logstash/filters/elastic_integration.rb:416:in serverless?'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-filter-elastic_integration-0.1.13-java/lib/logstash/filters/elastic_integration.rb:346:in initialize_elasticsearch_rest_client!'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-filter-elastic_integration-0.1.13-java/lib/logstash/filters/elastic_integration.rb:133:in register'", "org/logstash/config/ir/compiler/AbstractFilterDelegatorExt.java:75:in register'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:237:in block in register_plugins'", "org/jruby/RubyArray.java:1981:in each'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:236:in register_plugins'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:617:in maybe_setup_out_plugins'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:249:in start_workers'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:194:in run'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:146:in block in start'"], "pipeline.sources"=>["/usr/share/logstash/pipeline/events_pipeline.conf"], :thread=>"#<Thread:0x24fbea93 /usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:134 run>"}
[2024-09-26T14:42:54,216][INFO ][logstash.javapipeline ][events_pipeline] Pipeline terminated {"pipeline.id"=>"events_pipeline"}
[2024-09-26T14:42:54,225][ERROR][logstash.agent ] Failed to execute action {:id=>:events_pipeline, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action: PipelineAction::Create<events_pipeline>, action_result: false", :backtrace=>nil}
[2024-09-26T14:42:54,279][INFO ][logstash.runner ] Logstash shut down.
[2024-09-26T14:42:54,315][FATAL][org.logstash.Logstash ] Logstash stopped processing because of an error: (SystemExit) exit
Plugin Version
logstash-filter-elastic_integration (0.1.13)
Logstash Version
8.15.2
Java Version
No response
Host Info
Linux f36f76d13a8f 5.15.0-122-generic #132~20.04.1-Ubuntu SMP Fri Aug 30 15:50:07 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
What happened?
The plugin works when connecting to Elasticsearch using HTTP or with a fully configured HTTPS SSL connection, but when I try to run it with
ssl_verification_mode
set tonone
for a HTTPS configured Elasticsearch, the pre-flight check fails with the following traceback (replacing internal uri with placeholders):My Elastic Ingestion configurations are:
The Elasticsearch output plugin doesn't have any similar issues. It is connected to the same HTTPS Elasticsearch with SSL disabled:
I would really like to get this to work. So far I can't find anything wrong in my configurations or anything relevant in the documentation.