Issue in dumping Data in AWS Elasticsearch using Logstash


This story is not about dumping CSV data in AWS Elasticsearch using Logstash because there are already a lot of good articles. I personally like this one.


I deployed an Elasticsearch instance on AWS which was publically accessible. I was able to perform requests using CURL. But when I tried to access the dump data using Logstash with this configuration:

elasticsearch - Failed to install template. {:message=>"Got response code '401' contacting Elasticsearch at URL '<elasticsearch-url>:443/_xpack'"
X-Pack is an Elastic Stack extension that provides security, alerting, monitoring, reporting, machine learning, and many other capabilities.


After doing a bit of research I found out that AWS Elasticsearch service installs X-Pack and ILM is part of X-Pack feature set.

ilm_enabled => false

Final Thoughts

I hope that you like this story and please give feedback about anything that can be improved or I have missed. Thank you :)

DevSecOps Engineer