Conf File for Logstash is not working

kartikeya_sharma_13 · May 7, 2017, 8:21am

Is there anything wrong with this config file .I am right now logstash v 5.4.0

input { 
file{
path =>"C:/ELK/Data/iis_data.csv"
sincedb_path => "C:/ELK/Data/.sincedb"
start_position => "beginning"
type=>"csv"
}
file{
	path=>"C:/ELK/Data/Dewi_data.csv"
	sincedb_path => "C:/ELK/Data/.sincedb"
	start_position => "beginning"
	type=>"csv"
}
}
filter{
 if [path]== "C:/ELK/Data/iis_data.csv"
 {
	csv{
	separator => ","
	autogenerate_column_names => false
	columns => ["_time","clientip","host","id","key","Product","user","status","Method","type","uri_query"]
	}
	mutate {
			add_field => { "foo" => "Hello world, from iis_data" }
		merge => { 
			"foo" => "type" 
			}
			rename => { 
			"clientip" => "client_ip" 
			}
			update => { 
			"foo" => "My new message" 
			}
		}
	translate{
		field => "status"
	 	add_tag => ["Http"]
		dictionary_path => "C:/ELK/logstash/logstash-5.3.1/bin/http_status.csv"
	}

}
else if [path] == "C:/ELK/Data/Dewi_data.csv"
{
  csv{
	separator => ","
	autogenerate_column_names => false
	columns => ["_time","APPS","KPI","TypeOfKPI","Threshold","Current","High Value","Low Value"]
	}
	
	mutate {
		add_field => { "foo" => "Hello world, from Dewi Data" }
		convert => { 
		"Threshold" => "integer"
		"Current" => "integer"
		"High Value" => "integer"
		"Low Value" => "integer"
		}
	}

   }
  }
output {
if [path] == "C:/ELK/Data/iis_data.csv"
{
elasticsearch { 
hosts => "http://localhost:9200"
index => "iis_test_part2"
}
}
else if [path] == "C:/ELK/Data/Dewi_data.csv"
{
elasticsearch{
 hosts => "http://localhost:9200"
 index => "dewi_index_part2"
}
}
stdout {
	id => "my_plugin_id"
	
}
}

jupp · May 7, 2017, 12:35pm

Do you get an error when you load the config? What is the output?

system · June 4, 2017, 12:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.