Logstash not reading data from text file in windows

Elastic Stack Logstash
1

Hi
when i tried with stdin{} it works fine. but reading from file not getting any data in elasticsearch in windows.

Please find the below conf details.

Conf file:
input{
# stdin{}
file{
type =>"syslog"
path => ["D:/Logs_Montoring/LogAnalysis/logstash-7.5.0/logs.txt"]
start_position => "beginning"
sincedb_path => "NUL"
}
}
output{

stdout{
codec => rubydebug
}
elasticsearch{
hosts => ["http://localhost:9200"]
index => "logs"
}
}

Input file data:
Timestamp: 12/24/2019 5:42:04 AM

Message: Task timed out - SDFC is not responding in timely manner

Category: Error

Priority: -1

EventId: 1

Severity: Information

Title:

Machine: AS00049

App Domain: /ED/W3SVC/64/ROOT/PRP.Services/merchant/eondod.dkos.do-301-132216577167216650

ProcessId: 15068

Process Name: c:\windows\system32\inetsrv\w3wp.exe

Thread Name: Win32 ThreadId:19512

Extended Properties: WebSession - NE343.NE2332@Q7T0+cK7Bf4UOzfKe9F8HUv6yC4=

2

Set log.level to trace and see what filewatch has to say.

3

Hi Badger

i ran with debug mode : logstash -f bin\logstashtest
.conf --debug

Getting below error:

[2019-12-25T20:52:15,894][DEBUG][logstash.instrument.periodicpoller.jvm] collector name {:name=>"ParNew"}
[2019-12-25T20:52:15,896][DEBUG][logstash.instrument.periodicpoller.jvm] collector name {:name=>"ConcurrentMarkSweep"}
[2019-12-25T20:52:20,467][DEBUG][org.logstash.execution.PeriodicFlush][main] Pushing flush onto pipeline.
[2019-12-25T20:52:20,795][DEBUG][logstash.instrument.periodicpoller.cgroup] One or more required cgroup files or directories not found: /proc/self/cgroup, /sys/fs/cgroup/cpuacct, /sys/fs/cgroup/cpu

4

Hi

i am using below versions :

  1. logstash- 7.5.0.0
  2. kibana-7.5.0
  3. elasticsearch-7.5.0
  4. jdk1.8.0
  5. windows server 2008 64bit
5

As I said, set log.level to trace, not debug.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.