Help: Trying to get logstash to start as a service

Elastic Stack Logstash
1

Hi,
I am really struggling to launch logstash as a service on CentOS 7 (see confused and concerned topic below). Since I cannot figure out what or where to set the
-DJava.io.tmpdir= variable (which apparently would solve my issue), I am trying to create a little script to launch the logstash command line on boot.

The following line works manually for me:

sudo /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d

That successfully loads and opens port 5000.

So I am trying to create a boot time script to run that line and start logstash.

My problem is that I think I need the sudo command as it fails to run without it. Does anyone know how I can get this to work?

I have the following files /etc/systemd/system/mylogstash.service:

[Unit]
After=network.target

[Service]
ExecStart=/usr/local/bin/disk-space-check.sh

[Install]
WantedBy=default.target

and also /usr/local/bin/mylogstashstart.sh:

#!/bin/bash
/usr/share/logstash/bin/logstash -f /etc/logstash/conf.d

To make the script executable I have done:

chmod 744 /usr/local/bin/mylogstash.sh
and
chmod 664 /etc/systemd/system/mylogstash.service

It fails to execute as there are insufficient permissions. How do I replicate the Sudo in the script without storing a password and do I even need to?
Can anyone tell me where I have gone wrong please? I'm getting pretty desperate, and no-one likes to see a man desperate...

Thanks,
QR

2

The issue appears to be a combination of things:
The build of CentOS 7 I have been given has noexec on /tmp which was an issue that stopped command line execution of logstash.
The permissions around /etc/logstash and /etc/logstash.conf.d
These were set to root only, which might be fine for others but for me was a bad do.
I executed the following command:
setfacl -Rm d:u:logstash:rwX,u:logstash:rwX /etc/logstash
Which set rw on the directory and conf.d
Before when I was running Verbose from the command line I was getting a warning that the service could not find logstash.yml but it would start using a default.
When starting from SystemCtl the service would start but not listen
So after the line above I rebooted and made sure the logstash service was running and did a netstat -ntl
And to my delight discovered that logstash was now listening on port 5000 as hoped and that the listener persisted.
So at the moment this is a solved issue. I hope this helps someone else

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.