File input plugin not working

Enigma_666 · April 23, 2019, 2:52pm

Hi , I'm using Logstash with docker to send apache logs to elasticsearch , when I use beats plugin as input it's works fine , but when I try file input plugin , nothing happens , there is no indices in elasticsearch , this is my config file
input
{

file {

path => "/var/log/apache/apache_logs.log"

start_position => "beginning"

ignore_older => 0
sincedb_path => "/dev/null"

}

filter
{

grok {

match => { "message" => "%{COMBINEDAPACHELOG}" }
}

date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}

output
{

elasticsearch {

index => "apache-logs"

hosts => {"localhost:9200"}
stdout {
codec => rubydebug
}
}

Badger · April 23, 2019, 2:53pm

That says to ignore files that are more than zero seconds old, which means to ignore everything.

Enigma_666 · April 23, 2019, 3:00pm

I deleted that line but still it doesn't work

system · May 21, 2019, 3:00pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.