Open blackbrownco opened 2 years ago
Have you installed the tld filter???
https://github.com/enotspe/fortinet-2-elasticsearch#on-logstash
Hi, I know that the last post is quite old, but I have the same problem. After many tests, I found the culprit. If I comment out the tld directive in the syslog-fortinet-common_ecs-output file, the logstash service starts normally and the syslog-fortinet-common_ecs-output pipeline starts too.
This is the error message that I read with tld filters:
<ArgumentError: wrong number of arguments (given 2, expected 1)>, :backtrace=>["/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/public_suffix-3.1.1/lib/public_suffix/list.rb:69:
I run ES 8.10 with logstash 8.10. I have installed logstash-filter-tld.
That is a different error. Please open a new issue and post the full error log. It seems that you are passing an array to a function that just expects one value.
Hi, could you help to resolve this issue? I have copied all the templates, dashboard JSON, pipelines.yml, and all the .conf files to my VM, which already has a fresh install of Elasticsearch and Kibana. There is an issue on starting the Logstash service; there is a warning:
logstash[8167]: [2022-11-17T13:20:39,686][WARN ][org.logstash.plugins.pipeline.PipelineBus][syslog-fortinet-fortigate_2_ecs][320c3995cf79ebc0724f34bd360b3e9193d7d44220d69c92749327fb9930cde9] Attempted to send event to 'syslog-fortinet-common_ecs-output' but that address was unavailable. Maybe the destination pipeline is down or stopping? Will Retry.
I've already modified the output {} and pointed it to my Elasticsearch server, gave the user and password, and also enabled SSL and pointed the certificate to Elasticsearch's http_ca.crt as well.