Hello All,
I have installed logstash and filebeat as per the tutorial on my centos 7 machine. I have followed the example at https://www.elastic.co/guide/en/logstash/6.2/advanced-pipeline.html
However when I run it as per the tutorial its not parsing the sample data.
Below are the configuration details
FIlebeat

Paths that should be crawled and fetched. Glob based paths.

paths:
- /var/log/logstash-tutorial.log

#output.elasticsearch:

Array of hosts to connect to.

#hosts: ["localhost:9200"]

output.logstash:

The Logstash hosts

hosts: ["localhost:5044"]

Logstash - first-pipeline.conf

input {
beats {
port => "5044"
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}"}
}
}
output {
stdout { codec => rubydebug }
}

Filebeat - /data/registery is empty

As per the tutorial I am starting filebeat
sudo ./filebeat -e -c filebeat.yml -d "publish"

&
Logstash -
sudo logstash -f first-pipeline.conf --config.reload.automatic

There is nothing in the logs.

Is Logstash not showing anything in stdout?

nope and I just left it there and configured it for apache logs and it worked fine. Do not know what was wrong with the one I reported.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.