I just set up a free Elasticsearch & Kibana free trial and am testing Purelytics streaming. Starting from scratch, I applied the dynamic template from the dynatrace documentation, and see this result for _cat/templates/dynatrace:
dynatrace dt_* 0
Currently, I haven't set up any indices, but have ES set to auto-create (default). I then went to the DT client and am trying to do an on-demand stream by right-clicking a saved session > PureLytics Stream. When I fill in the credentials and hit Test Connection, it says Connection to end point server successful. I then click the Stream button.
When I look at /_cat/indices, I expect to see a new index starting with dt_, but I only see the built-ins.
Looking at the DT server log, I see this:
2017-06-23 10:35:08 INFO [OnDemandAnalyticsStreamManager] Streaming all paths of type ALL from Tue Apr 19 09:53:00 EDT 2016 to Tue Apr 19 10:05:00 EDT 2016 to ELASTICSEARCH2017-06-23 10:35:08 INFO [OnDemandAnalyticsStreamTask] Finished streaming Visits.2017-06-23 10:35:08 INFO [OnDemandAnalyticsStreamTask] Finished streaming User Actions.2017-06-23 10:35:08 INFO [OnDemandAnalyticsStreamTask] Finished streaming paths to <servername> in 347 ms.2017-06-23 10:35:09 WARNING [ElasticSearchConnectorWorker] endpoint responded with HTTP Code 4012017-06-23 10:35:09 WARNING [ElasticSearchConnectorWorker] endpoint responded with HTTP Code 401
The only message I see in the ElasticSearch logs when this occurs is the following:
[2017-06-23T14:35:09,045][WARN ][org.elasticsearch.deprecation.rest.RestController] Content type detection for rest requests is deprecated. Specify the content type using the [Content-Type] header.