Logstash Not sending data to Elasticsearch

abkonred · November 23, 2022, 10:37am

Hi Team,

I have created a pipeline and sending data from filebeat to logstash and to Elasticsearch. and I have created one custom field from filebeat to filter the data. Not sue why it is not sending data to "apa" index. kindly please assit here.

input {
beats {
port => 5044
}
}

filter
{

if [field] == "APAC"
{

kv {
source => "message"
field_split => "|"
value_split => "="
}
}
else
{
kv {
source => "message"
field_split => "|"
value_split => "="
}
}

}
output
{
if [field] == "APAC"
{

elasticsearch {
hosts => ["http://derusvluelaap01.eyua.net:9200", "http://derusvluelaap02.eyua.net:9200", "http://derusvluelaap03.eyua.net:9200"]
index => "apa"
}
}
else{
elasticsearch {
hosts => ["http://derusvluelaap01.eyua.net:9200", "http://derusvluelaap02.eyua.net:9200", "http://derusvluelaap03.eyua.net:9200"]
index => "amma"
}
}
}

filebeat custom field which have created.

Optional fields that you can specify to add additional information to the

output.

#fields:

env: staging

fields:
syslog: APAC

system · December 21, 2022, 10:37am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash index created but no data in pipeline Beats filebeat	2	594	November 28, 2019
Logstash not sending logs to custom elasticsearch index Logstash	2	292	December 10, 2018
Filebeat not sending data to Elasticsearch or Logstash Beats filebeat	3	7413	May 2, 2018
Missing fields Filebeat -> Logstash -> Elasticsearch Logstash	3	1628	October 27, 2017
From Filebeat to Logstash (and next to Elasticsearch) - pipeline processing Beats filebeat	3	237	January 27, 2023

Logstash Not sending data to Elasticsearch

Optional fields that you can specify to add additional information to the

output.

env: staging

Related topics