i test a file output to ES, and i use "/usr/share/logstash/bin/logstash -f testlog.conf", the data output to ES, it's working and i Ctrl+c , and systemctl restart logstash. the data no output to ES.
i don't know what is the reason? who can help me
the ES'version is 6.3.2 and the logstash'version is 6.3.2, they have been installed on the same VM.
thanks
i use stdout { codec => rubydebug }, it's ok. and i change output to ES. and run command "/usr/share/logstash/bin/logstash -f testlog.conf " , it's work. In the kibana can be created the index. all things is work.
but i don't use command. just use "systemctl start logstash". the data can't be output to ES. kibana haven't any index information ,so can't be create index. i see the logstash log, no error.
i know what is the reason ?
i try use " /usr/share/logstash/bin/logstash -e 'input { stdin {} } output { elasticsearch { hosts => ["172.32.1.60:9200"] index => "testlog-%{+YYYY.MM.dd}" }}' "
it's work.
and i used root account to login and restart logstash.service,whether it's related to the root account?
i use /var/log/messages for input file, i use "systemctl restart logstash " to start logstash.service ,it's work. and the data output to ES.
why i create the file, logstash can't output to ES ? i modify the file's right. 644.
i don't know what's the reason ?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.