@lsoon3 I understand that you’re querying OpenSearch cluster. Did you use OpenSearch input plugin for Logstash?
This is my working test config with OpenSearch input and output plugins.
input {
opensearch {
hosts => ["docker1.pablo.local:9200"]
index => "sample-http-responses"
query => '{ "size":0, "query": { "match_all": {}},"track_total_hits": true }'
user => "admin"
password => "Eliatra123"
ssl => true
schedule => "* * * * *"
docinfo => true
docinfo_target => 'metadata_with_hash'
}
}
output{
opensearch {
index => "logstash-%{+YYYY.MM.dd}"
hosts => ["https://node-0.example.com:9200"]
#user => admin
#password => Eliatra123
ssl => true
ssl_certificate_verification => false
cacert => "/usr/share/logstash/config/root-ca.pem"
tls_certificate => "/usr/share/logstash/config/kirk.pem"
tls_key => "/usr/share/logstash/config/kirk-key.pem"
action => "create"
}
}
Does your Logstash fails for both Codes 1 and 2 or just on of them?