Hi Everyone,
In my scenario, I installed logstash using yum. The logstash version is 5.4.3. I am sending /var/log/messages to a file(output.txt) which is present on same system.
Operating System - Centos
Below is the logstash.conf file which is present in the path (/etc/logstash/conf.d/logstash.conf)
input {
file {
path => "/var/log/messages"
start_position => "beginning"
ignore_older => 0
}
}
output {
file {
path => "/root/output.txt"
}
}
When I am starting logstash as a service using command #systemctl restart logstash.service, the service gets started but logs are not transferred to output.txt file.
Opening the (/var/log/logstash/logstash-plain.log), i found that it says "permission error"
[2018-05-01T11:59:13,922][WARN ][logstash.runner ] SIGTERM received. Shutting down the agent.
[2018-05-01T11:59:13,928][WARN ][logstash.agent ] stopping pipeline {:id=>"main"}
[2018-05-01T11:59:44,665][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125}
[2018-05-01T11:59:44,916][WARN ][logstash.inputs.file ] failed to open /var/log/messages: Permission denied - /var/log/messages
[2018-05-01T11:59:44,944][INFO ][logstash.pipeline ] Pipeline main started
[2018-05-01T11:59:45,013][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-05-01T12:04:45,298][WARN ][logstash.inputs.file ] failed to open /var/log/messages: Permission denied - /var/log/messages
[2018-05-01T12:09:46,658][WARN ][logstash.inputs.file ] failed to open /var/log/messages: Permission denied - /var/log/messages
[2018-05-01T12:14:47,998][WARN ][logstash.inputs.file ] failed to open /var/log/messages: Permission denied - /var/log/messages
Please help me to solve this issue.
Thanks
Nikhil Kapoor