Can't send logs to data view

I got this in my spring boot

this is my conf. file

input {
    file {
        type => "java"
         path => "/UUUU********/IdeaProjects/elk-stack-logging-example/elk-example.log"



        codec => multiline {
                     pattern => "^%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}.*"
                     negate => "true"
                     what => "previous"
                 }
    }
}

filter {
#If log line contains tab character followed by 'at' then we will tag that entry as stacktrace
    if [message] =~ "\tat" {
        grok {
            match => ["message", "^(\tat)"]
            add_tag => ["stacktrace"]
        }
    }

    grok {
        match => [ "message",
            "(?<timestamp>%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME})  %{LOGLEVEL:level} %{NUMBER:pid} --- \[(?<thread>[A-Za-z0-9-]+)\] [A-Za-z0-9.]*\.(?<class>[A-Za-z0-9#_]+)\s*:\s+(?<logmessage>.*)",
            "message",
            "(?<timestamp>%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME})  %{LOGLEVEL:level} %{NUMBER:pid} --- .+? :\s+(?<logmessage>.*)"
        ]
    }


    date {
        match => [ "timestamp" , "yyyy-MM-dd HH:mm:ss.SSS" ]
    }
}

output {

# Sending properly parsed log events to elasticsearch
    elasticsearch {
        hosts => ['https://**********************:9243/']
        user => 'elastic'
        password => '*********************'
        index => "logstash_%{+YYYYMMdd}"
    }
    stdout { codec => rubydebug }


}

after running the code I go to Elasticsearch then I want to create a data view inserting the name log stash it says not data stream or index found for a given name.
How to make this conf file work and create that index so I can create the view

If ILM is enabled (and it is on by default if your Elasticsearch version supports it) then the index option is ignored. You will have an alias called logstash and indexes called {now/d}-00001 etc.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.