Logs are not displaying with event wise

Elastic Stack Logstash
1

Hi All,

I am facing the strange issue, I am seeing the logs in file is 693400 lines but i am seeing 2222419 lines of logs in Kibana. Dont know how it was taken from my log file. I used multiline also but still the same. Please find the configuration below and suggest me to resolve this issue.

input
{
file
{
path => "/etc/logstash/ssg.log"
codec => multiline {
pattern => "(^%{TIMESTAMP_ISO8601} )"
negate => "true"
what => "previous"
}
sincedb_path => "/dev/null"
}
}
filter
{
grok
{
match => {"message" => "%{SPACE}%{NOTSPACE}%{SPACE}%{GREEDYDATA}"}
}
}

output
{
elasticsearch
{
hosts => ["x.x.x.x:9200"]
}
stdout {codec => rubydebug }
}

Thanks in advance.

Regards
Raja

2

I resolved the issue by making new grok patterns.

Thanks to elastic team for not giving any answer to my question...

3

You are very welcomed. Your message is encouraging me not to answer to any of your messages.

Did you read this page?

If not please look at the "Also be patient" part.

4

And BTW I'm moving your thread to #logstash as you posted it in the wrong place IMO.

5

I hope you misunderstood me.Not any of my messages. Its only specific to this question.

Because of you didn't reply to this question I have debugged my own and able to resolved.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.