I am not able to see any output on my logstash and kibana.But pipeline is created successfully

sanjayzack · December 27, 2017, 7:52am

input {
file {
path => "C:\Users\Micronet1\Desktop\logstash-acess\Main.log"
codec => multiline {
pattern => "^%{TIMESTAMP_ISO8601}"
negate => true
what => previous
}
}
}
filter {

if [path] == "Main" {

grok {      
    match => { "message" => "%{DATA:time} %{LOGLEVEL:level} \[%{DATA:class}\] %{JAVACLASS:class}%{DATA:method}:%{GREEDYDATA:syslog_message}"}
}
}

}

output {

elasticsearch { 
    hosts => [ "localhost:9200" ]
    index => "logstash-*"
   
}
 
stdout { codec => rubydebug }

}

magnusbaeck · December 31, 2017, 1:37pm

Baby steps. First get Logstash to read the input file without a multiline filter. Comment out your elasticsearch output and keep only your stdout output. Then you can start adding more features.

Logstash is probably tailing the input file. Read more about the file input's start_position and sincedb_path options.

system · January 28, 2018, 1:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.