Logstash Elasticsearch Input

vishakh · May 6, 2021, 7:49pm

I'm trying to extract (or) export logs from Elasticsearch via Logstash
I would like to write the extracted logs to a file

input {
  elasticsearch {
    hosts => "elasticsearch.domain.com:9200"
    query => '{ "size": 5, "query": { "match": { "host.ip": "10.1.1.1"} } }'
    size => 5
    user => "<username>"
    password => "<password>"
    scroll => "1m"
    ca_file => "/etc/logstash/certs/ca.crt"
    ssl => true
    index => "winlogbeat-7.10*"
   }
}
output {
  file {
    path => "/var/log/logstash/search-output.txt"
    codec => line
   }
}

vishakh · May 6, 2021, 7:53pm

Below is the output from the pipeline execution

vishakh · May 6, 2021, 7:54pm

After the execution, I don't see the log-extracted written into a log file

Badger · May 6, 2021, 9:52pm

Please do not post pictures of text. They are hard to read (and some folks will be unable to read them at all) and impossible to search. Just post the text. If the text is too big post a link to a gist on github or similar text sharing site.

system · June 3, 2021, 9:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ElasticSearch Input Plugin has no log output Logstash	3	569	January 28, 2022
Logstash integrate with Elasticsearch Logstash	6	960	July 6, 2017
Elasticsearch's output to logstash Elasticsearch	6	354	July 19, 2019
Elasticsearch-Input to File-Output: How to ensure query or index has been fully exported? Logstash docker	3	693	April 28, 2022
Elasticsearch Input Filter Returns %{message} Logstash	2	865	March 13, 2017

Logstash Elasticsearch Input

Related topics