Logstash immediately shuts down upon launch in container due to YAML

weiyentan · November 24, 2020, 7:07am

Hi, I have a logstash.yml file that I am using the http api listener.

I have it listening for some post request inputs that has some Json bod's.

Now i am in the process of processing the json. I have some complex json that I want to use the filter.
I thought that I could use the following code but I as soon as my container spins up with this yml the container shuts down. The following is my code. If any one can help with my syntax I willl be most grateful.

input {
  http {
    port => 6000 # default: 8080
    codec => json
  }
}


filter {
  json{
    source => "message"
  }
  split {
    field => "patchesneeded"
    add_field =>{
      computername => "computername"
    }
  }
  split {
    field => "software"
    add_field =>{
      computername => "computername"
  }
}
output {
    elasticsearch {
    hosts => ["http://elasticsearch:9200"]
    index => "system-inventory-[version]}-%{+YYYY.MM.dd}"
    }
    stdout {
    codec => rubydebug
    }
}

Wolfram_Haussig · November 24, 2020, 7:10am

Hi,

I think your second split is missing a closing bracket: The one for add_field seems to be missing.

Best regards
Wolfram

system · December 22, 2020, 7:10am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
HTTP request failure on using the logstash-filter-http Logstash	1	595	March 21, 2021
Http filter plugin adds _jsonparsefailure in tag Logstash	5	863	August 3, 2021
Logstash container shut down + error creating action from filter Logstash docker	2	372	June 29, 2022
Logstash plugin crashing when calling .jar Logstash	4	606	September 6, 2019
Logstash instantnly shut down after importing .csv file inside pipeline folder, also I dont have permisions inside CLI of logstash container or other containers Logstash	1	276	September 5, 2020

Logstash immediately shuts down upon launch in container due to YAML

Related topics