logstash-output-amazon_es: Unable to install plugin on Logstash 7.15.1 and above
Hi,
ISSUE
I am trying to install logstash-output-amazon_es on an amazon Linux ec2 instance but getting the following errors:
$ ./logstash-plugin install logstash-output-amazon_es
Using bundled JDK: /usr/share/logstash/jdk
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
Validating logstash-output-amazon_es
Found logstash-output-amazon_es (6.4.1), but was for platform x86_64-linux
Resolving mixin dependencies
NoMethodError: undefined method `error' for #<Gem::PlatformMismatch:0x6db27836>
fetch_plugin_dependencies at /usr/share/logstash/lib/bootstrap/bundler.rb:229
expand_logstash_mixin_dependencies at /usr/share/logstash/lib/bootstrap/bundler.rb:212
each at org/jruby/RubyArray.java:1820
flat_map at org/jruby/RubyEnumerable.java:940
expand_logstash_mixin_dependencies at /usr/share/logstash/lib/bootstrap/bundler.rb:212
update_logstash_mixin_dependencies at /usr/share/logstash/lib/pluginmanager/install.rb:189
execute at /usr/share/logstash/lib/pluginmanager/install.rb:77
run at /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-1.0.1/lib/clamp/command.rb:68
execute at /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-1.0.1/lib/clamp/subcommand/execution.rb:11
run at /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-1.0.1/lib/clamp/command.rb:68
run at /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-1.0.1/lib/clamp/command.rb:133
<main> at /usr/share/logstash/lib/pluginmanager/main.rb:64
DETAILS
- My system specifications are:
$ lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: Amazon
Description: Amazon Linux release 2 (Karoo)
Release: 2
Codename: Karoo
$ uname -a
4.14.243-185.433.amzn2.x86_64 #1 SMP Mon Aug 9 05:55:52 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
- Logstash version
logstash 7.15.1
When I checked the architecture of my instance it showed it to be x86_64.
Need help to identify and fix the issue.
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Reactions: 2
- Comments: 18 (5 by maintainers)
I have been able to install the logstash-output-amazon_es plugin version 7.0.1 in Logstash 7.14.2 and 7.16.1.
Also, I can install logstash-output-amazon_es 6.4.2 in Logstash 6.8.21.
This issue appears to be resolved now.
You can install the current version of the plugin by skipping validation. I have tested this on Logstash 7.16.1, which has the log4j patch. In my experiment, the plugin created an index and writes documents to Amazon OpenSearch Service. I tested this against an ElasticSearch 7.10 domain.
@PSjoe , This should help you get past the the current Log4j security issue.
I had the same issue installing the plugin in the official logstash docker image docker.elastic.co/logstash/logstash-oss logstash-oss:7.15.1 is broken logstash-oss:7.15.0 is working fine
That’s from 2017 and is about a much older vulnerability that does only apply to the (now deprecated) Log4j input plugin.
No, see here for the details they provide on the current issue: Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31
And for specific details on Logstash versions, vulnerabilities and mitigations see this table on the same page.
I confirm, just managed to install amazon_es on the newest
logstash 7.16.1.Had same issue. Did they stop supporting this plug in I guess? I was able to successfully reinstall plug in after downgrading to 7.15.0 (sudo yum downgrade logstash-7.15.0)