Cloudtrail integration in logstash 2.4

vijjun123 · August 3, 2017, 8:19am

Hi All,

Facing issue while creating logstash for cloudtrail integration and data is not flowing to elasticsearch.

Please find the logstash 2.4 config details below.

input{
s3
{
bucket => "sademocloudtrail"
sincedb_path => "/opt/logstash_cloudtrail/sincedb"
temporary_directory => "/opt/temp-cloudtrail_s3_temp"
delete => false
interval => 60 # seconds
prefix => "AWSLogs/066037576108/CloudTrail/"
add_field => { source => "gzfiles" }
codec => cloudtrail {}
}
}
output{
elasticsearch {
hosts => "http://10.3.1.99:9200"
index => "test"
}
stdout {}
}

magnusbaeck · August 6, 2017, 6:54pm

Is Logstash reading the log files at all? Just use a stdout { codec => rubydebug } output until you've verified your inputs and your filters.

system · September 3, 2017, 6:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cloudtrail log to Logstash Logstash	2	345	October 8, 2019
File input plugin not sending to elasticsearch Logstash	4	1231	November 9, 2017
Logstash 2.3 S3 cloudtrail input Logstash	2	968	July 6, 2017
Logstash with Cloudtrail Logstash	2	1404	March 21, 2017
Cloudtrail logs parsing with logstash Logstash	2	2047	March 21, 2017

Cloudtrail integration in logstash 2.4

Related topics