Input command not executing

Hello,

I'm trying to run a command every 10 seconds but it's not working.
Here's my conf file :

input {
exec {
command => "/home/xxx/CICFlow/bin/cfm > '/tmp/logstash.log'"
interval => 10
}
}

What does that mean?

The command /home/xxx/CICFlow/bin/cfm doesn't send any logs to /tmp/logstash.log

The command should parse a pcap log file and transform it in a csv file.
Here's the config file of logstash :

input {
exec {
command => "/home/cdt/CICFlow/bin/cfm /var/log/suricata/log.pcap.1611678832 /tmp/"
interval => 10
}
}

filter {
}

output {
file {
path => "/tmp/logstash.log"
}
}

The /tmp/logstash.log :
{"command":"/home/cdt/CICFlow/bin/cfm","@timestamp":"2021-01-26T10:37:14.163Z","host":"0.0.0.0","message":"","@version":"1"}
{"command":"/home/cdt/CICFlow/bin/cfm","@timestamp":"2021-01-26T10:37:24.163Z","host":"0.0.0.0","message":"","@version":"1"}

But no csv files found in /tmp.
Is it a right acces to the files ? Logstash's executed as logstash user. The pcap files belongs to suricata.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.