File output not ordered with -w 1

billy6 · December 12, 2016, 10:51am

Hello, I have a logstash configuration

input{
elasticsearch {
        hosts=> [ "SERVERHOST"]
        index => "logstash-syslog-2016.12.01"
         query => '{"filter" : {
                    "term" : { "host.raw" : "HOST" }

        }}'
    }

}

output {
   file{
         path => "/etc/elk/logout/FILE.log"
        }


}

The problem I have is with the file output, it is not ordered, I decreased the amount of workers to 1, but even with this the data appears not ordered in the file. (in ES is ordered)

warkolm · December 13, 2016, 3:51am

You need to add a sort section to the query - https://www.elastic.co/guide/en/elasticsearch/reference/5.1/search-request-sort.html

system · January 10, 2017, 3:51am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash config file processing order Logstash	2	1387	February 7, 2018
File output filter writing logs out of order Logstash	3	1664	July 6, 2017
How to process messages strictly in the order they arrive? Logstash	5	5011	July 6, 2017
Strict execution ordering of Logstash output plugins Logstash	6	451	November 17, 2022
Log messages with same index timestamps are not in the order as in the actual log file Logstash	10	2891	August 19, 2020

File output not ordered with -w 1

Related Topics