Hey,
I am using the ELK stack for log processing: Logstash 1.4.2 (single instance)
and Elasticsearch 1.2.2 (cluster of 2 nodes), with Redis as the broker between
Logstash and Elasticsearch.
I am able to parse my logs using Logstash and get the parsed documents in
Redis, but I am not able to get the documents into Elasticsearch.
The following is my Central logstash server configuration file.
input {
  redis {
    host => "xx.xx.xx.xx"
    type => "redis-input"
    data_type => "list"
    key => "logstash"
    threads => 5
  }
  redis {
    host => "xx.xx.xx.xx"
    type => "redis-input"
    data_type => "list"
    key => "logstash"
    threads => 5
  }
}
filter {
  date {
    match => ["timestamp_nsstats",%{YEAR}-%{MONTHNUM}-%{MONTHDAY}[,]%{HOUR}:?%{MINUTE}(?::?%{SECOND})?"]
  }
}
output {
  stdout { }
  elasticsearch {
    cluster => "logstash"
    host => "xx.xx.xx.xx"
    protocol => "http"
    node_name => "Node1"
    index => "logstash-%{+YYYY.MM.dd}"
  }
}
The following is the health of Elasticsearch Instances.
{
  "cluster_name": "logstash",
  "status": "green",
  "timed_out": false,
  "number_of_nodes": 2,
  "number_of_data_nodes": 2,
  "active_primary_shards": 3,
  "active_shards": 6,
  "relocating_shards": 0,
  "initializing_shards": 0,
  "unassigned_shards": 0
}
I am not able to find out what is causing Logstash to be unable to reach Elasticsearch. Do I need to make any changes in the configuration file that might make Logstash aware of the Elasticsearch server?
Please let me know what you think might be causing the issue. If you need any other information, please let me know.
Thank you,
Shriyansh