Logstash 5.3.2 multiple conf files

teejayuu · November 1, 2017, 11:00am

Good morning

I have setup my ELK stack (5.3.2) to gather Exchange Message Tracking logs from my Exchange Cluster with a conf file in D:\ELK\logstash-5.3.2\01-inputs.conf\exchange_msg_trk.conf and this is working well.

I have been tasked with monitoring Windows logons and have used https://www.elastic.co/blog/monitoring-windows-logons-with-winlogbeat as a guide. I have a conf file in the same location called winlogbeat_logons.conf. This is working as well...except I have to start logstash manually (using bin/logstash -f D:\ELK\logstash-5.3.2\01-inputs.conf\winlogbeat_logons.conf) for it to accept the data. I am using NSSM to manage the logstash service.

Is it possible to have the logstash service start using muliple conf files i.e. -f D:\ELK\logstash-5.3.2\01-inputs.conf\exchange_msg_trk.conf, D:\ELK\logstash-5.3.2\01-inputs.conf\winlogbeat_logons.conf?

Thanks
Tony

magnusbaeck · November 1, 2017, 12:39pm

I don't recall how Logstash behaves with multiple -f options, but the typical solution to the problem is to put all the files in a directory and point to that directory with -f (in your case -f D:\ELK\logstash-5.3.2\01-inputs.conf I suppose).

teejayuu · November 1, 2017, 3:05pm

Thanks. That worked

system · November 29, 2017, 3:06pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash.conf location in Windows Logstash	6	9309	June 16, 2017
Logstash with multiple conf files Logstash	7	3475	December 23, 2020
New to Logstash Filter Config file questions Logstash	2	332	October 8, 2019
Issue with Multiple Logstash Conf files Logstash	14	2971	July 5, 2017
Issue with Filebeat and Multiple Logstash Conf files Beats filebeat	7	1210	June 28, 2017

Logstash 5.3.2 multiple conf files

Related topics