Hallo,
I have a weird problem regarding docker with logstash. I have a logstash configuration which is working. Logstash is also booting up properly. Sadly it doesnt output anything to stdout or to my GELF output.
docker command.:
docker run -p 1535:1535/udp --link graylog:graylog -v /graylog/data/logstash:/usr/share/logstash/data -v /srv/logstash/config-dir:/config-dir -e TZ=Europe/Vienna --name=logstash pkahr/docker-logstash-gelf -f /config-dir/logstash.conf
logstash config
root@log ~ # cat /srv/logstash/config-dir/logstash.conf
input {
udp {
host => localhost
port => 1535
codec => netflow {
versions => [10]
target => ipfix
}
type => ipfix
}
tcp {
host => localhost
port => 4739
codec => netflow {
versions => [10]
target => ipfix
}
type => ipfix
}
}
output {
stdout { codec => rubydebug }
gelf {
host => 'graylog'
port => 12202
}
}
i seriously have no idea what the problem actually is.
if i create a bash inside the container i can see with tcpdump that traffic is arriving. So traffic should be accessible by logstash.
It relates to that issue.: Netflow Logstash V9 not working not getting any logs - #9 by jorritfolmer but we solved the Netflow Issue there, so the processing of this should be possible.