I'm trying to do a script to load an apache file log.
The configuration files is correct because I started different time to load this file with the command logstash -f <path_conf_file> and I viewed the dot on the screen.
I interrupted different time by CTRL+C che process and killed it other time. Now at the restart of the server ELK with logstash too I don't see dot on the screen and the
I check the log of elasticsearch (/var/log/elasticsearch/elasticsearch.log) and logstash (/var/log/logstash/logstash-plain.log) too but I don't found nothing.
I may have found the problem, it could be due to the sincedb which contains the information of the file already processed. where do I find the synchedb configuration on logstash 6.2.1?
sincedb_path is configurable, but it's default depends on your Logstash settings for path.data; you can either find and delete it, or just specify a path where a new sincedb can be created.
My path.data is
path.data: /var/lib/logstash
In this folder I don't found sincedb,
I have this result
franco@serverElk:/var/lib/logstash/plugins/inputs/file$ ls -li/var/lib/logstash/plugins/inputs/file$ ls -li
total 0
what is the name? Where is stored?
My Os is debian server 9.0 and logstash 6.2.1.
Thank you
Franco
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.