Logstash - Agent Failing to execute Actions

Elastic Stack Logstash
1

Hey Everyone,

I'm currently trying to load some .csv data into my Elasticsearch/Kibana by using logstash. At this current time I'm getting the following error when I'm trying to load my data.
[WARN ] 2019-03-02 18:52:48.499 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified
[INFO ] 2019-03-02 18:52:48.515 [LogStash::Runner] runner - Starting Logstash {"logstash.version"=>"6.6.1"}
[ERROR] 2019-03-02 18:52:54.711 [Converge PipelineAction::Create] file - Unknown setting 'start' for file

[ERROR] 2019-03-02 18:31:46.195 [Converge PipelineAction::Create] agent - Failed to execute action {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>"LogStash::ConfigurationError", :message=>"Something is wrong with your configuration.", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/config/mixin.rb:86:in config_init'", "/usr/share/logstash/logstash-core/lib/logstash/inputs/base.rb:60:ininitialize'", "org/logstash/plugins/PluginFactoryExt.java:251:in plugin'", "org/logstash/plugins/PluginFactoryExt.java:181:inplugin'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:71:in plugin'", "(eval):8:in'", "org/jruby/RubyKernel.java:994:in eval'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:49:ininitialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:90:in initialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create.rb:43:inblock in execute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:94:in block in exclusive'", "org/jruby/ext/thread/Mutex.java:148:insynchronize'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:94:in exclusive'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create.rb:39:inexecute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:327:in `block in converge_state'"]}
[INFO ] 2019-03-02 18:31:46.714 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9600}

As some more background, here is my current .config that I'm using.

input {
file {
path => "/home/elaver/Downloads/nmaptocsv/ElliottsNmap.csv"
start => "Start"
sincedb_path => "/dev/null"
}
}
filter {
csv {
seperator => ","
columns => ["IP","FQDN","PORT","PROTOCOL","SERVICE","VERSION","OS"]
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
index => "PublicES"
}
stdout {}
}

These are my current version's that Im using for all 3.

elasticsearch 6.6.1-1
logstash 6.6.1-1
kibana 6.6.1-1

Hopefully this helps, if you need any more info from me feel free to give me a shout and thanks again for giving me a hand in advance.

2

That should be start_position => "beginning"

3

Thank you, have changed around my conf file.

Still getting the below.

[elaver@yukkisyukkis logstash]$ sudo /usr/share/logstash/bin/logstash -f /etc/logstash/logstash_ES.conf
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console
[WARN ] 2019-03-03 02:05:01.954 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified
[INFO ] 2019-03-03 02:05:01.974 [LogStash::Runner] runner - Starting Logstash {"logstash.version"=>"6.6.1"}
[ERROR] 2019-03-03 02:05:08.521 [Converge PipelineAction::Create] csv - Unknown setting 'seperator' for csv
[ERROR] 2019-03-03 02:05:08.554 [Converge PipelineAction::Create] agent - Failed to execute action {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>"LogStash::ConfigurationError", :message=>"Something is wrong with your configuration.", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/config/mixin.rb:86:in config_init'", "/usr/share/logstash/logstash-core/lib/logstash/filters/base.rb:126:ininitialize'", "org/logstash/plugins/PluginFactoryExt.java:70:in filter_delegator'", "org/logstash/plugins/PluginFactoryExt.java:244:inplugin'", "org/logstash/plugins/PluginFactoryExt.java:181:in plugin'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:71:inplugin'", "(eval):12:in <eval>'", "org/jruby/RubyKernel.java:994:ineval'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:49:in initialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:90:ininitialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create.rb:43:in block in execute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:94:inblock in exclusive'", "org/jruby/ext/thread/Mutex.java:148:in synchronize'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:94:inexclusive'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create.rb:39:in execute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:327:inblock in converge_state'"]}
[INFO ] 2019-03-03 02:05:09.029 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9600}

4

It should be separator.

5

Thanks Badger, it was staring me in the face the entire time.

Solution marked and thread can be locked.