Logstash not reading my file, no sincedb file being created either

Rohan_Tirumale · June 9, 2016, 5:53pm

I am using logstash 2.0 and this is my config file. For some reason the file isnt being read, but I am able to feed it an input using stdin, for which it shows me a result.

input {
file{
path => "/home/finalelkcut/logs/t2.log"
sincedb_path => "/home/finalelkcut/logs/.sincedb*"
start_position => "beginning"
}
stdin{}
}

filter{
grok{
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => ["timestamp" , "dd/MMM/yyyy:HH:mm:ss Z"]
}

}
output {
stdout{ codec => rubydebug}
elasticsearch {
hosts => "10.61.157.79:9200"

}

magnusbaeck · June 14, 2016, 6:26pm

If the input file is older than 24 hours you need to adjust ignore_older.

sincedb_path => "/home/finalelkcut/logs/.sincedb*"

The * doesn't make sense unless you really want Logstash to create a file named .sincedb*.

Topic		Replies	Views
Reading a log file into Logstash Logstash	9	25809	July 6, 2017
Logstash file input not working 6.4.0 Logstash	3	995	November 11, 2018
File plugin doesn't read file Logstash	7	7985	July 6, 2017
File creates empty sincedb file and no data is processed Logstash	3	1228	January 17, 2017
Sincedb file is being created empty Logstash	18	1410	June 28, 2022

Logstash not reading my file, no sincedb file being created either

Related Topics