elasticsearch - Fluentd ElasticSearch 输出 - [401] 未经授权

问题描述

我正在使用以下配置测试 fluentd。

<source>
  @type tail
  path /home/centos/service.log
  pos_file /home/centos/service.log.pos
  @label @SQLPAD
  tag sqlpad
  <parse>
  @type cri
    <parse>
    @type json
    </parse>
  </parse>
</source>
<label @SQLPAD>
  <match *.**>
    type copy
    <store>
      @type elasticsearch
      user %{user}
      password %{pass}
      host <domain>.eu-west-1.es.amazonaws.com
      port 443
      scheme https
      logstash_format true
      ssl_verify false
  </store>
  </match>
</label>

<system>
  log_level debug
</system>

没有建立连接，我得到了这些日志：

2021-09-16 14:43:40 +0000 [warn]: #0 Could not communicate to Elasticsearch, resetting connection and trying again. [401] Unauthorized
2021-09-16 14:43:40 +0000 [warn]: #0 Remaining retry: 14. Retry to communicate after 2 second(s).
2021-09-16 14:43:45 +0000 [warn]: #0 Could not communicate to Elasticsearch, resetting connection and trying again. [401] Unauthorized
2021-09-16 14:43:45 +0000 [warn]: #0 Remaining retry: 13. Retry to communicate after 4 second(s).
2021-09-16 14:43:53 +0000 [warn]: #0 Could not communicate to Elasticsearch, resetting connection and trying again. [401] Unauthorized
2021-09-16 14:43:53 +0000 [warn]: #0 Remaining retry: 12. Retry to communicate after 8 second(s).

尽管如此，curl在同一fluentd台聚合器机器上运行是有效的：

[centos@ip-172-168-45-176 ~]$  curl https://<user>:<pass>@<domain>.eu-west-1.es.amazonaws.com:443/_cat/indices
green open .kibana_-1773627903_databrewers_1 QIqQBSA4Rj6rYwL5nYNMpA 1 1 1 0 10.1kb    5kb
green open .kibana_1                         QTMRbaXGSASmdHF5Peo66g 1 1 3 6 33.9kb 16.9kb
green open .opendistro_security              qUusXLQLRFC26XuDZD3NjA 1 1 9 1 95.9kb 47.9kb

为了测试用户凭据，我什至使用 curl 创建了一个包含一些数据的索引。

标签： elasticsearchfluentd