I have an old Elasticsearch v1.5 domain on Amazon AWS, keeping 30 days of logs.
It seems that it's not possible to upgrade it, so i have created a new domain with version ES 6.3.
Now i have Logstash v2.0 logging to the existing ES v1.5 domain, using the logstash-output-amazon_es
plugin, but i can't seem to get it to also send logs to the new v6.3 domain.
As i understand it, i have to upgrade Logstash.
I would like to have a version of Logstash that can send logs to both versions of ES for a month, for a smooth transition.
I have looked at the compatibility matrix, but it does not cover ES 1.5
Before i start testing different versions of Logstash, does anyone know if there is any version of Logstash that can send logs to both ES v1.5 and ES 6.3?
So after doing my own testing, it seems that Logstash 6.3 can send logs to both ES 1.5 and ES 6.3.
Testing from a local VM, it works using the
logstash-output-amazon_es
plugin, if i have the AWS credentials in~/.aws/credentials
andHOME
is properly set for thelogstash
user running Logstash. (Not running with sudo.)It even works on an EC2 instance with the Instance profile credentials delivered through the Amazon EC2 metadata service.
One big gotcha was that i had to set the Access Policy on the IAM Role of the instance running Logstash, instead of the Access Policy on the Elasticsearch Domain.