Failing to connect to AWS OpenSearch from Logstash

we are trying to connect from Logstash (with OpenSearch output plugin) to AWS OpenSearch, but we’re continuously getting errors like:

[2022-02-07T05:04:42,614][WARN ][logstash.outputs.opensearch] Restored connection to OpenSearch instance {:url=>“https://usr:pwd@…”}
[2022-02-07T05:04:42,640][ERROR][logstash.outputs.opensearch] Could not connect to cluster {:url=>“https://usr:pwd@…”, :distribution=>nil, :major_version=>7}

We have configured OpenSearch with basic HTTP auth and provided the credentials in Logstash output plugin. Credentials are fine, and we’re managing to connect to the same OpenSearch instance from the same box from java (Apache HTTP client, etc.).

Do you have any idea about why we’re getting these errors from Logstash?

Note: same configuration is working fine in other environments where we use OpenSearch (not the AWS version)…


Can you share your configuration for Logstash (with the user and password censored as well)?

Hi, sure:

opensearch {
sniffing => false
manage_template => false
index => “myindex-%{+YYYY.MM.dd}”
pipeline => “mypipeline”
hosts => [“https://…”]
ssl => true
truststore => “/…/my_truststore.p12”
truststore_password => “password”
user => “user”
password => “password”

@alexz00 Did you try enabling compatibility mode setting for OpenSearch domain?

Thanks, disabling the compatibility mode indeed fixed the issue (it was enabled because we were using the Elasticsearch output plugin previously).

1 Like