Hi All,
I'm new to ELK , I tried to send the log files from Logstash to Elasticsearch from my loacl windows10 machine, though the service started successfully i don't see the index /logs in Kibana.
Logstash / Elasticsearch version : 7.8.0
My Logstash conf file
input {
file {
path => "C:\ELK\test.log"
type => "fe"
start_position => "beginning"
}
}
output {
stdout { codec => rubydebug }
elasticsearch {
hosts => "localhost:9200"
index => "relog"
}
}
i don't see the index /logs
You're configuring the name relog
index => "relog"
I assume that was just a typo in your post (but you should check for relog in Kibana in case you haven't already).
I assume you do have Elasticsearch running locally on port 9200. If you haven't checked, try clicking this link: http://localhost:9200 . You should see some JSON with version information being returned. Then, try this link: http://localhost:9200/_cat/indices . This is a list of all indices. Does "relog" exist?
If this all goes okay, does http://localhost:9200/relog/_search return any documents?
Hi Emanuil,
thanks for your response.
all the services are up & running, i tried http://localhost:9200/_cat/indices
i don't see relog index. it seems logstash is not reading the file
Do not use backslash in the path option of a file filter, they are treated as escapes. Use forward slash.
Thanks it worked
Thanks its working
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.