Connecting to AWS Elastic search service


#1

Hi,

I have been trying to connect a Graylog sever with Amazon’s Elastic search service.i have updated the Elasticsearch’s endpoint in the Graylog Config file as well.I can see Graylog Server is running but am not able to connect to Elastic search.Is it really possible to connect a Graylog server with Amazon’s Elastic search service???


#2

Have you confirmed that your Amazon elasticsearch service isn’t being protected by the IAM permissions?


#3

I would recommend you to access your es cluster using curl or other methods from the graylog server or at best the same subnet or network. To make sure your elasticsearch service is accessible without any additional authentication or isn’t being protected by AWS access policies.

https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html


#4

Yes…i had given public access


#5

Have you verified CRUD operations using curl fromthe graylog server?


#6

No…i’ll try that
Thanks


(Jochen) #7

Which version of the AWS Elasticsearch Service are you using?

Yes, it is.

What’s the output of the following command on the machine running Graylog?

# curl -i 'http://your-aws-elasticsearch-service-hostname:9200/?pretty'

#8

Here is the output


#9

and when i try to get the Graylog server logs. am getting below message.graylogserver


(Jochen) #10

Please upgrade to the latest stable release (Graylog 2.4.5 at the time of writing) and make sure that you’re using a version of the AWS Elasticsearch Service which is supported by Graylog (see http://docs.graylog.org/en/2.4/pages/installation.html#system-requirements).