Hi I have installed logstash plugin for Icinga 2. I have setup the API by issuing icinga2 api setup and then restarted the Icinga 2 service.
I am using Icinga 2 API username and password available in /etc/icinga2/conf.d/api-users.conf and try to push few logs to Icinga 2 from Logstash and getting the following issue
[2017-10-04T07:14:14,565][ERROR][logstash.outputs.icinga ] Request failed {:host=>"xxxxxxxxxx", :port=>5665, :path=>"/v1/actions/process-check-result?service=%25%7Bhostname%7D%21dummy", :body=>"{\"plugin_output\":\"83.149.9.216 - - [04/Jan/2015:05:13:42 +0000] \\\"GET /presentations/logstash-monitorama-2013/images/Test-search.png HTTP/1.1\\\" 200 203023 \\\"http://semicomplete.com/presentations/logstash-monitorama-2013/\\\" \\\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36\\\"\"}", :error=>#<OpenSSL::SSL::SSLError: certificate verify failed>}
Here is my configuration file
input {
file {
path => "/home/logstashtest/*"
start_position => beginning
ignore_older => 0
}
}
filter {
if ([message] !~ "83.149.9.216") {
drop { }
}
grok {
match => { "message" => "%{COMBINEDAPACHELOG}"}
}
}
output {
icinga {
host => "*****" //Remote Icinga Host
user => "*****" //Icinga 2 Api User
password => "*****" //Icinga 2 Api Password
action => "process-check-result"
action_config => {
plugin_output => "%{message}"
}
icinga_host => "%{hostname}"
icinga_service => "dummy"
}
}
Do I need to pass the path for SSL certificate in the request available in pki/ca.crt. Is there a way to disable SSL validation in Logstash? Please help me on what is causing the issue
Icinga output for Logstash plugin by default uses SSL to connect to Icinga API. I have disabled by setting ssl_verify => false in the plugin