Logstash Netflow module

DarkVodka34 · January 4, 2018, 3:36pm

Howdy im very new to linux and have been following a tut on getting this all working.

Im having big trouble getting the module to install I get this error

root@OMV-MediaServer:/usr/share/logstash# bin/logstash --modules netflow --setup -M netflow.var.input.udp.port=NNNN
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/conf ig or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.pr operties. Using default config which logs errors to the console
[FATAL] 2018-01-04 15:22:16.641 [LogStash::Runner] runner - An unexpected error occurred! {:error=>#<LogStash::ConfigLoadingError: Failed to parse the module co nfiguration: [Failed to coerce value to Numeric. Received NNNN (String)]>, :back trace=>["/usr/share/logstash/logstash-core/lib/logstash/settings.rb:299:in coer ce'", "/usr/share/logstash/logstash-core/lib/logstash/settings.rb:256:inset'", "/usr/share/logstash/logstash-core/lib/logstash/modules/logstash_config.rb:45:i n get_setting'", "/usr/share/logstash/logstash-core/lib/logstash/modules/logsta sh_config.rb:59:insetting'", "(erb):4:in result'", "org/jruby/RubyKernel.java :1079:ineval'", "/usr/share/logstash/vendor/jruby/lib/ruby/1.9/erb.rb:838:in result'", "/usr/share/logstash/logstash-core/lib/logstash/modules/logstash_confi g.rb:91:inconfig_string'", "/usr/share/logstash/logstash-core/lib/logstash/mod ules/scaffold.rb:49:in config_string'", "/usr/share/logstash/logstash-core/lib/ logstash/config/modules_common.rb:88:inpipeline_configs'", "org/jruby/RubyArra y.java:1613:in each'", "/usr/share/logstash/logstash-core/lib/logstash/config/m odules_common.rb:56:inpipeline_configs'", "/usr/share/logstash/logstash-core/l ib/logstash/runner.rb:276:in execute'", "/usr/share/logstash/vendor/bundle/jrub y/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67:inrun'", "/usr/share/logstash/l ogstash-core/lib/logstash/runner.rb:204:in run'", "/usr/share/logstash/vendor/b undle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:132:inrun'", "/usr/share /logstash/lib/bootstrap/environment.rb:71:in `(root)'"]}
root@OMV-MediaServer:/usr/share/logstash#

Has anyone any ideas why I get this error?
Thanks

DarkVodka34 · January 4, 2018, 4:12pm

Also when sudo bin/logstash –modules netflow –setup --path.setting=/etc/logstash

get this

root@OMV-MediaServer:/usr/share/logstash# sudo bin/logstash –modules netflow –setup --path.setting=/etc/logstash
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
ERROR: Unknown command '–modules'

See: 'bin/logstash --help'

Still can't get it to work

magnusbaeck · January 7, 2018, 4:23pm

Do you actually have "NNNN" in your Logstash command?

guyboertje · January 8, 2018, 8:56am

Use dash dash modules --modules and --setup.

DarkVodka34 · January 10, 2018, 12:11am

No sorry

DarkVodka34 · January 10, 2018, 12:13am

Can you explain abit more please.

bin/logstash --modules netflow --setup

I did add dash dash, looks like the first post didn't paste them

root@OMV-Media:/usr/share/logstash# bin/logstash --modules netflow --setup
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console

sdndude · January 10, 2018, 3:28pm

That was your first error. It did have "NNNN" as the port number. Try it with an actual port number that your netflow messages will be sent to on the server and it may fix it.

system · February 7, 2018, 3:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.