Is it possible to control the interval logstash send data to elasticsearch?

Wang_Yin · May 8, 2023, 6:03pm

I'm very new to ELK, I'd like to know is it possible to control the interval logstash send data to elasticsearch?

For example, I have a simple logstash config file running in /etc/logstash/conf.d folder:

input {
  file {
       path => ["/usr/share/logstash/ncs.log"]
       tags => ["ncs"]
       start_position => "beginning"
  }
}

output {
  if "ncs" in [tags] {
  stdout { codec => rubydebug }
  elasticsearch {
    hosts => ["https://12.34.56.78"]
    index => "ncs-test-%{+YYYY.MM}"
  }
}
}

I noticed that logstash keeps sending the content of /usr/share/logstash/ncs.log to elasticsearch every 0.5 second, even when there's no change to that file. Can I change that interval, say from 0.5 second to 300 seconds?

I tried using stat_interval => 300 and discover_interval => 300 in Input plugin, but to no avail (and I'm not sure if it's the correct way to control the interval logstash send data to elasticsearch).

Any help or guidance will be greatly appreciated!

Rios · May 9, 2023, 8:13am

Should be on the level LS configuration not a .conf file.
Check pipeline.batch.delay and pipeline.batch.size and this.

system · June 6, 2023, 8:13am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash don't send data to elastic, but send it to stdout Logstash	4	972	July 6, 2017
Logstash output send rate Logstash	9	4990	March 28, 2017
How can I make logstash automatically send my information to elasticsearch? Elasticsearch	6	313	May 8, 2023
Logstash Kafka input, set interval/frequency Logstash	2	762	June 16, 2017
Flexible interval of exec input Logstash	3	1022	June 6, 2019

Is it possible to control the interval logstash send data to elasticsearch?

Related topics