Logstash not receiving messages

Aleksandar_Aleksandr · July 17, 2017, 9:54am

Hello,

I am trying to get the ELK up and running on docker. I have succesfully integrated the three services and they do in fact communicate with each other. My problem arises when I am trying to send messages to logstash over udp/tcp connection. I tried different input plugins including the udp, tcp and syslog plugins. In none of the cases or the tried configuration messages were actually being received. I checked and logstash is in fact listening to the requested ports. The application is also sending the packets to the right ip:port. However, no input is to be seen.

Does anybody have an idea what in the communication might possibly be going wrong?

Example.conf that I used:
input {
syslog {
port => "14544"
}
}

output {
elasticsearch {
hosts => ["elasticsearch:9200"]
}
stdout {
codec => rubydebug
}
}

docker-compose
logstash:
image: logstash:2.4.0
ports:
- "5044:5044"
- "14544:14544"
- "14544:14544/udp"
links:
- elasticsearch
depends_on:
- elasticsearch

magnusbaeck · July 18, 2017, 2:19pm

It's not clear to me if your "ports" map actually publishes the ports on the host; the documentation (https://docs.docker.com/compose/compose-file/#ports) isn't quite clear. Try using the long syntax described in the docs to really make sure the ports are published.

system · August 15, 2017, 2:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash not sending data to ELK Logstash docker	9	382	April 1, 2024
Logstash udp input listen on port 5044 but doesn't receive syslog messages Logstash	1	786	October 5, 2021
Logstash tcp input doesn't work Logstash	4	2735	August 28, 2018
Logstash not sending data to Elasticsearch Logstash docker	6	308	January 23, 2024
Logtash is not accepting/recieving syslog sent by linux server Logstash	10	1422	December 15, 2016

Logstash not receiving messages

Related Topics