Configuration is invalid

Ruthvik_Sai · December 5, 2018, 11:35am

Hi friends,

I am getting the following error:

C:\logstash\bin>logstash -f appname_modifier.conf --config.test_and_exit
Sending Logstash logs to C:/logstash/logs which is now configured via log4j2.properties
[2018-12-05T16:59:11,767][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-12-05T16:59:13,206][FATAL][logstash.runner ] The given configuration is invalid. Reason: Expected one of #, {, ,, ] at line 10, column 13 (byte 173) after filter {
mutate {
gsub => [
"event_data.NewProcessName", ".OUTLOOK.*", "outlook.exe"

[2018-12-05T16:59:13,257][ERROR][org.logstash.Logstash ] java.lang.IllegalStateException: Logstash stopped processing because of an error: (SystemExit) exit

My logstash configuration is as follows:

input {
beats {
port => "5044"
}
}
filter {
mutate {
gsub => ["event_data.NewProcessName", ".OUTLOOK.", "outlook.exe"]
#"event_data.NewProcessName", ".WINWORD.", "word.exe"
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
}
}

Can you pls help me in resolving the error?

thanks in advance

Ruthvik_Sai · December 11, 2018, 10:31am

Can someone please help me in understanding what could be the cause of the error so that I know how to progress??

system · January 8, 2019, 10:43am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.