I have installed Logstash and Elasticsearch on an Ubuntu 16.04 machine with 4 gb ram using apt-get install logstash.
When I boot the service with systemctl start logstash it does start the process (I can see it using ps aux | grep logstash) but no index is created in Elasticsearch. I thought I would try to debug it by just running the process in the terminal but when I do it creates no output.
This is the command I run:
sudo -u logstash /usr/share/logstash/bin/logstash \
--path.settings /etc/logstash \
-f /etc/logstash/conf.d/std.conf \
--config.test_and_exit \
--log.level debug
Nothing ever happens - it produces no output. It does not tell me that the main pipeline has started or gives me an error or anything.
I have checked /var/log/logstash put the folder is empty. I have checked syslog but there are only a few entries from when it was running as a service (only entries like Mar 22 20:11:21 elasticsearch-logstash systemd[1]: Started logstash.)
I installed logstash as root and I have tried chown -R logstash:adm both /usr/share/logstash/, var/log/logstash and /etc/logstash but nothing works.
I only have a single configuration file /etc/logstash/conf.d/main.conf and I have tried several pipeline configurations but same result:
main.conf (version 1)
input {
stdin {
}
}
output {
stdout {
}
}
main.conf (version 2)
input {
stdin {
}
}
output {
file {
path => "/var/log/logstash/yo.log"
}
}
main.conf (version 3)
input {
stdin {
}
}
output {
stdout { codec => rubydebug }
}
None of these configurations change the outcome in anyway. I have no idea why it is silently failing on me.
It should be noted that I have also tried installing by downloading the tar file and running Logstash from the downloaded directory with same result.
Any ideas?