Logstash getstarted

Chemse · May 2, 2017, 1:06pm

Hello !!

I just install Logstach succesfully, and I want to test it with this command

bin/logstash -e 'input { stdin { } } output { stdout {} }'

My problem is I don't know where can I find this folder

bin/logstash ???

I am using CentOs and lase version of logstash 5.3.2

Please Help !!!!!

magnusbaeck · May 3, 2017, 5:46am

How did you install Logstash?

Chemse · May 3, 2017, 8:48am

I installed it from rpm file in Centos.
I found the folder logstash 5.3.2 and I create the file logstash.conf

input { stdin { } }
output {
elasticsearch { hosts => ["localhost:9200"] }
stdout { codec => rubydebug }
}

the input works even I can read data from a cvs file and the output stdout { codec => rubydebug } works as well

but output elasticsearch { hosts => ["localhost:9200"] } doesn't work ?? doesn't send data to elasticsearch
my elasticsearch is installed in a docker container and kibana in an other container, they are well conected to each other using a docker network, in ports 9200 , 5601
I can't reach them from Logstash, wich is installed in the host machine Centos how can I manage this mess ?? please help !!!

magnusbaeck · May 3, 2017, 11:16am

But if you're running ES in a container, is it really accessible via localhost:9200? With the default network mode of containers I'd assume you'd have to use its IP address.

Chemse · May 3, 2017, 12:09pm

I didn't use any IP address, I used directly localhost:9200 and I got this result

and for Kibana I've create a docker network and I did connect both containers ES and Kibana together

but if you see that I've to use the IP address, can you please tell me how can I use it ?

magnusbaeck · May 3, 2017, 12:23pm

but if you see that I've to use the IP address, can you please tell me how can I use it ?

Use the ES container's IP address instead of the localhost address. You can use the docker inspect command to locate the container's IP address.

Chemse · May 3, 2017, 12:36pm

You mean I've to replace localhost by the IP address ?? in the output like this

output { elasticsearch { host => ["IP@:9200"] } stdout { codec => rubydebug } }

but I tried the command docker inspect I found three deffernts IP@ i've tried the three of them but it doesn't work ??? I tried to reach ES fist from firefox IP@:9200 but it doesn,'t work

magnusbaeck · May 3, 2017, 1:34pm

In this case the container's IP address is 172.17.0.2. Does curl 172.17.0.2:9200 work?

Chemse · May 3, 2017, 1:50pm

no it doesn't work!!! this is what i got !!! Error

Chemse · May 3, 2017, 1:59pm

the @IP doesn't work
but finally I got the connexion between Logstash, ES and Kibana
it was cause of X-pack, securety assue
I followed this link and it works
https://www.elastic.co/guide/en/x-pack/current/logstash.html

system · May 31, 2017, 2:00pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.