Cannot create pipeline, expected one of #

Elastic Stack Logstash
1

Dear All,

I am trying to follow instructions from this website: https://github.com/elastic/examples/tree/master/ElasticStack_apache

However, I have got this error when I run this command: logstash -f apache_logstash.conf

1.png2081×1147 64.3 KB

and this is inside my apache_logstash.conf

  input {  
  stdin { } 
  user => logstash_internal
  password => changeme
}


filter {
  grok {
    match => {
      "message" => '%{IPORHOST:clientip} %{USER:ident} %{USER:auth} \[%{HTTPDATE:timestamp}\] "%{WORD:verb} %{DATA:request} HTTP/%{NUMBER:httpversion}" %{NUMBER:response:int} (?:-|%{NUMBER:bytes:int}) %{QS:referrer} %{QS:agent}'
    }
  }

  date {
    match => [ "timestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]
    locale => en
  }

  geoip {
    source => "clientip"
  }

  useragent {
    source => "agent"
    target => "useragent"
  }
  
  user => logstash_internal
  password => changeme
}

output {
  stdout {
    codec => dots {}
  }

  elasticsearch {
    index => "apache_elastic_example"
    template => "./apache_template.json"
    template_name => "apache_elastic_example"
    template_overwrite => true
	user => logstash_internal
    password => changeme
  }
}

Any ideas how to solve it?

Thank You.

2

What is this doing in the input block??

3

I just follow this document: https://www.elastic.co/guide/en/x-pack/5.4/logstash.html

Point number 3.

4

The doc you linked to is an example using the elasticsearch input. Your config has these field => values but they are not needed for the stdin input and if you do add field => value sections they should appear inside the { } braces after the word stdin
e.g.

input {
  plugin_name {
    field1 => "value"
    field2 => "value"
  }
}
1 Like
5

Hi,

I have remove user and password fields.
However, I have got different error:

Error.png2082×1147 187 KB

Any solutions?

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.