Access a network share for logs

rashidmirza · May 31, 2016, 7:59am

i have recently installed ELK on a windows machine.
I would like to parse and create some sort of statistics out of a text based log file that resides on a Linux machine, but as that folder is made as a share, it is accessible from a windows machine.
Having issues, understanding what should be the path in the configuration file.
Also having issues with the way ELK is running, I cannot seem to add indexes. I don't have or see the Create button...the list is big.
kindly assist, starting with the configuration setup, then moving on to other things.
Here is my logstash.conf:

input {
file {
path => "//172.16.36.31/Shares/ift20110923.log"
start_position => "beginning"
type => "logs"
sincedb_path => "/dev/null"
}
}
filter {
csv {
columns => [
"Camera",
"Dev"
]
separator => ","
}
}
output {
elasticsearch {
hosts => "localhost:9200"
}
stdout {codec => rubydebug}
}

Appreciate it, thanks.

warkolm · June 1, 2016, 1:32am

Maybe NFS?
What about installing LS on the linux machine?

rashidmirza · June 1, 2016, 4:31am

I can't, since the linux machine is part of a controlled environment, and would involve quite a bit of approvals before anything can be installed on it. That is why I prefer to install LS on a separate machine, on windows, because I thought it would be easy (but that is not the case) and access the share, since the permissions are read only.

rashidmirza · June 7, 2016, 6:25am

guys, anyone?

rashidmirza · June 21, 2016, 5:10am

i would appreciate help on this