I am a complete beginner with Logstash and I have issues configurating it. I am getting this error message :
Thread.exclusive is deprecated, use Thread::Mutex
Sending Logstash logs to /var/log/logstash which is now configured via log4j2.properties
[2020-01-27T16:51:43,379][FATAL][logstash.runner ] An unexpected error occurred! {:error=>#<ArgumentError: Path "/var/lib/logstash/queue" must be a writable directory. It is not writable.>, :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/settings.rb:489:in validate'", "/usr/share/logstash/logstash-core/lib/logstash/settings.rb:271:in validate_value'", "/usr/share/logstash/logstash-core/lib/logstash/settings.rb:182:in block in validate_all'", "org/jruby/RubyHash.java:1417:in each'", "/usr/share/logstash/logstash-core/lib/logstash/settings.rb:181:in validate_all'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:284:in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-0.6.5/lib/clamp/command.rb:67:in run'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:242:in run'", "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/clamp-0.6.5/lib/clamp/command.rb:132:in run'", "/usr/share/logstash/lib/bootstrap/environment.rb:73:in '"]}
[2020-01-27T16:51:43,483][ERROR][org.logstash.Logstash ] java.lang.IllegalStateException: Logstash stopped processing because of an error: (SystemExit) exit
Is anyone familiar with this kind of error message ?
That would work if the user who is running logstash owns the /var/lib/logstash/queue directory. Personally I have the directory group writeable and add myself to the logstash group, then make the directory 775.
I installed logstash on Ubuntu via the software installer, and it created a logstash user, and set the permissions accordingly here:
ben@Ben:/usr/share/logstash$ ls -l /var/lib/logstash
drwxr-xr-x 2 logstash logstash 4096 Jan 23 16:32 queue
When I launch logstash, I use sudo -u logstash bin/logstash ... and it is allowed then to write on /var/lib/logstash
If this doesn't work, can you can give more information on the user used to launch logstash, and display the permissions of the /var/lib/logstash folder ?
I am a beginner in logstash and want to parse xml to json using logstash filter plugin.
I need my json output removing few tags and few attributes from some tags.
Hello, Synaptic creates a 'logstash' user, then set all logstash installation directory permissions with group 'logstash' and user 'logstash'.
The first possibility, as Badger says, is to add yourself to the group 'logstash': sudo usermod -a -G logstash aixm, then check if it's ok by running groups, 'logstash' should be listed (note that you should restart your session first).
The second possibility is to specify the user that run logstash, which replies to your question:
Blockquote
Do you know the command line used to know which user is used to launch logstash ?
That's what you input: sudo -u logstash bin/logstash, the 'sudo -u logstash' will then use the user 'logstash' to run logstash.
Beware that your queue folder is on user permission to aix, it would be better to chown logstash queue it to logstash again with this solution to be consistent.
If you go for the first solution, at least try to be consistent and adapt all folders and files to be owned by 'aix'.
If someone can validate or argument why one approach is better than the otter, it would be interesting to know . The second approach seems more secure because you only have the logstash rights for the duration of the execution, but is more verbose to type-in (maybe we drift off-topic here and it should be discussed on a separate post).
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.