Logstash doesn't index when I restart the services but works when I test it

bharathdev · September 11, 2017, 4:46pm

Here is my conf file in /etc/logstash/conf.d/apachelog.conf...I don't see index in kibana

But when i enter this command it works
/opt/logstash/bin/logstash -f /etc/logstash/conf.d/apachelog.conf
and I see the index in elasticsearch

I want to start it when i restart my services like "service logstash start"

input {
file {
path => "/var/log/apache2/access.log"
type => "apache_log" # a type to identify those logs (will need this later)
start_position => "beginning"
sincedb_path => "/dev/null" #to clear since db
}
}

filter {
grok {
match=> { message => "%{COMBINEDAPACHELOG}" }
}
date {
locale => "en"
match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}

output {
#stdout { }
elasticsearch {
hosts => ["localhost:9200"]
sniffing => true
manage_template => false
index => "mylogs"

}

}

magnusbaeck · September 11, 2017, 6:23pm

Does the logstash user have read access to /var/log/apache2/access.log?

system · October 9, 2017, 6:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.