File output not ordered with -w 1

billy6 · December 12, 2016, 10:51am

Hello, I have a logstash configuration

input{
elasticsearch {
        hosts=> [ "SERVERHOST"]
        index => "logstash-syslog-2016.12.01"
         query => '{"filter" : {
                    "term" : { "host.raw" : "HOST" }

        }}'
    }

}

output {
   file{
         path => "/etc/elk/logout/FILE.log"
        }


}

The problem I have is with the file output, it is not ordered, I decreased the amount of workers to 1, but even with this the data appears not ordered in the file. (in ES is ordered)

warkolm · December 13, 2016, 3:51am

You need to add a sort section to the query - https://www.elastic.co/guide/en/elasticsearch/reference/5.1/search-request-sort.html

system · January 10, 2017, 3:51am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Sorting with elasticsearch input Logstash	1	968	July 6, 2017
Logstash config file processing order Logstash	2	1389	February 7, 2018
File output filter writing logs out of order Logstash	3	1664	July 6, 2017
Input Elastic Plugin in Logstash Error Logstash	3	309	February 21, 2020
Logstash Elasticsearch Input - Query in @timestamp order Logstash	12	2841	January 4, 2020

File output not ordered with -w 1

Related topics