Please help me out I have configure full ELK Stack to parse our Weblogic log but somehow it did not pickup the log and parse it. Everything is working but when I ran.
curl -XGET 'http://testweblogic.net:9200/filebeat-*/_search?pretty' and here is the output.
{
"took" : 0,
"timed_out" : false,
"_shards" : {
"total" : 0,
"successful" : 0,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : 0,
"max_score" : 0.0,
"hits" :
}
}
here is my logstash.conf
input {
file {
path => "/var/weblogic/log/*.log"
start_position => beginning
}
}
filter {
grok {
match => [ "message", "<%{DATA:log_timestamp}> <%{WORD:log_level}> <%{WORD:thread}> <%{HOSTNAME:hostname}> <%{HOSTNAME:servername}> <%{DATA:timer}> <<%{DATA:kernel}>> <> <%{DATA:uuid}> <%{NUMBER:timestamp}> <%{DATA:misc}> <%{DATA:log_number}> <%{DATA:log_message}>" ]
}
}
output {
elasticsearch {
hosts => ["testweblogic.net:9200"]
}
}