We have written a logstash script to process a simple ASCII file and export contents to stdout{}. We have verified the script works when the input is specified as stdin{}
However, we cannot get the script to work when we specify a file as the input.
Config file contents are:
input {
file {
path => "C:\logstash-7.4.1\conf\sample.log"
start_position => "beginning"
sincedb_path => "nul"
ignore_older => 0
}
}
filter {
# Add filter here. This sample has a blank filter.
grok {
match => [
"message", "%{TIMESTAMP_ISO8601:timestamp_string}%{SPACE}%{GREEDYDATA:line}"
]
}
date {
match => ["timestamp_string", "ISO8601"]
}
mutate {
remove_field => [message, timestamp_string]
}
}
output {
stdout {}
}
sample.log contents are:
2007-03-01T13:00:00Z I met a traveller from an antique land
2007-03-01T13:00:01Z Who said-"Two vast and trunkless legs of stone