Logstash Configuration doubts

Balamurali · October 11, 2017, 9:01am

Hi All,

We are working on Indexing system logs ( nagios log ) to Elasticsearch using logstash.
We have two basic doubts on this .

We are going to parse nagios log to logstash for every minute,
For this every minute , we need to send whole nagios log to logstash , then there is duplicate issue for all records expect new lines in log.
How to overcome this issue?
which filter is flexible for this nagios log parsing , please suggest us!!

Please Help on this and Thanks in Advance

magnusbaeck · October 15, 2017, 7:47pm

For this every minute , we need to send whole nagios log to logstash

Why? It doesn't appear to make any sense.

Topic		Replies	Views
Logstash parse log nginx not index refresh Logstash	1	427	September 17, 2019
Nagios event/log to Logstash Logstash	3	3456	July 6, 2017
Logstash duplicate Logstash	12	129	March 17, 2025
Using logstash for parsing logs Logstash	21	6867	July 6, 2017
Getting Data duplicated while parsing the logs using Logstash Logstash	3	736	June 18, 2017