Logstash 5 installation and configuration problem

Pavel_Amorok · November 10, 2016, 10:09am

java -version
java version "1.8.0_73"
Java(TM) SE Runtime Environment (build 1.8.0_73-b02)
Java HotSpot(TM) 64-Bit Server VM (build 25.73-b02, mixed mode)

CentOS Linux release 7.2.1511 (Core)

/usr/share/logstash/bin/logstash --configtest
INFO: Logstash requires a setting file which is typically located in $LS_HOME/config or /etc/logstash. If you installed Logstash through a package and are starting it manually please specify the location to this settings file by passing in "--path.settings=/path/.."
ERROR: Failed to load settings file from "path.settings". Aborting... path.setting=/usr/share/logstash/config, exception=Errno::ENOENT, message=>No such file or directory - /usr/share/logstash/config/logstash.yml

[root@kibana ~]# /etc/logstash/conf.d/config.conf -f /etc/logstash/conf.d/config.conf --configtest --debug
-bash: /etc/logstash/conf.d/config.conf: Permission denied

/etc/logstash/conf.d/config.conf

input {
udp {

port => 5514
type => "syslog"
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
sniffing => true
manage_template => false
index => "mikrotik-%{+YYYY.MM.dd}"
document_type => "%{type}"
}
}

[root@kibana ~]# netstat -ntulp | grep 5514
udp6 213440 0 :::5514 :::* 616/java

logstash-plain.log
[2016-11-10T12:40:05,256][WARN ][logstash.outputs.elasticsearch] UNEXPECTED POOL ERROR {:e=>#<LogStash::Outputs::ElasticSearch::HttpClient::Pool::NoConnectionAvailableError: No Available connections>}
[2016-11-10T12:40:05,257][WARN ][logstash.outputs.elasticsearch] Elasticsearch output attempted to sniff for new connections but cannot. No living connections are detected. Pool contains the following current URLs {:url_info=>{}}
[2016-11-10T12:40:08,012][WARN ][logstash.outputs.elasticsearch] UNEXPECTED POOL ERROR {:e=>#<LogStash::Outputs::ElasticSearch::HttpClient::Pool::NoConnectionAvailableError: No Available connections>}
[2016-11-10T12:40:08,013][ERROR][logstash.outputs.elasticsearch] Attempted to send a bulk request to elasticsearch, but no there are no living connections in the connection pool. Perhaps Elasticsearch is unreachable or down? {:error_message=>"No Available connections", :class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::NoConnectionAvailableError", :will_retry_in_seconds=>16}
[2016-11-10T12:40:10,259][WARN ][logstash.outputs.elasticsearch] UNEXPECTED POOL ERROR {:e=>#<LogStash::Outputs::ElasticSearch::HttpClient::Pool::NoConnectionAvailableError: No Available connections>}

magnusbaeck · November 12, 2016, 6:10pm

Disabling sniffing should work around the problem.

system · December 10, 2016, 6:11pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.