Plugin uses port 9200 to connect https host while 443 is expected

Question

Plugin uses port 9200 to connect https host while 443 is expected

kaisecheng opened this issue 2 years ago · 1 comments

Logstash version 8.3.3

When the hosts point to https url, it is expected to be in port 443 by default, however, the plugin appends 9200.

Steps to reproduce

input {
      heartbeat {
        message => '{"say": "hello"}'
        interval => 1
      }
}
filter {
	json {
		source => "message"
	}
}
output {
    elasticsearch {
      hosts => ["https://YOUR_HOST.europe-west2.gcp.elastic-cloud.com"]
      index => "test_index"
      user => "YOUR_USERNAME"
      password => "YOUR_PASSWORD"
    }
}

Log

[INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elastic:xxxxxx@YOUR_HOST.europe-west2.gcp.elastic-cloud.com:9200/]}}

Workaround

The workaround is to add :443 to the hosts
hosts => ["https://YOUR_HOST.europe-west2.gcp.elastic-cloud.com:443"]

Answer 1 · 2022-08-08T17:28:50.000Z

IIRC, this is by design (although the design may need to be re-thought). When you start Elasticsearch on your own, it binds its HTTP API to 9200 unless you explicitly tell it to bind to a different port (whether or not you have TLS enabled, which is also on-by-default in ES 8.x). Out out-of-the-box experience is to match Elasticsearch's default behaviour.