Analytics are not properly working with Elastic Search

ebizinfrastructure_4 · October 4, 2019, 2:43pm

Hi,
I followed the guide for Cloudflare analytics integration with elastic search but I am unable to push the logs to my elastic search.

This is the guide I followed:

The following error occurred when I executed lambda function.

Parameters: hostname [10.1.11.91:9200] index [Cloudflare], username [elastic], pipeline [Cloudflare-pipeline-weekly], ssl/tls [true]
null java.net.ConnectException

Can any one please share the cause, I have checked the roles and SGs which are ok. Elastic search is installed on an EC2 instance I am not using amazon’s elastic search service.

Thanks.

cloonan · July 30, 2019, 3:28pm

Have you tried a different port, @ebizinfrastructure_4?

ebizinfrastructure_4 · July 30, 2019, 3:53pm

Hi,
Yes I tried the port 9284 still resulted in Vain.

sandro · July 30, 2019, 4:20pm

Where did you configure that 10 IP address? Thats an internal address, which you cant route over the Internet. I cant say I am familiar with the feature at hand, but as far as I understand you’d export data from Cloudflare to your local database, right? That should require public addresses and a private address wont be of much use.

ebizinfrastructure_4 · July 31, 2019, 10:25am

Hi,
Sandro Actually both Lambda and EC2 instances are in private subnet of a VPC that’s why it does not have public IP address. Consider it as a LAN and both machines can communicate with each other. The Logs are transferred to S3 and when there is a change in S3 it triggers Lambda function which parse the logs and places them in Elasticsearch Kibana EC2 instance.

sandro · July 31, 2019, 10:35am

That looks like a connection issue, simply check if you can reach the machine and the port from where you want to connect. Either something is not running or there is a firewall.