LogStash not showing output on console

Elastic Stack Logstash
1

I was trying to use filebeat to push data into logstash

filebeat.yml

 type: log
  # Change to true to enable this input configuration.
  enabled: false

  #Paths that should be crawled and fetched. Glob based paths.
  paths:
    - /Users/vishal/Documents/Softwares/ELK/logstash-tutorial.log

# ---------------------------- Elasticsearch Output ----------------------------
#output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]

# ------------------------------ Logstash Output -------------------------------
output.logstash:
  hosts: ["localhost:5044"]

logstash.conf

input {
  beats {
    port => "5044"
  }
}

filter {
    grok {
        match => { "message" => "%{COMBINEDAPACHELOG}"}
    }
    geoip {
        source => "clientip"
    }
}

output {
	stdout { codec => rubydebug }
}

It was not showing not data on console. After struggling for few hours i have changed logstash.conf file to read data from file as per below. Still not working :frowning:

input {
	file {
		path => "/Users/vishal/Documents/Softwares/ELK/logstash-tutorial.log"
		start_position => "beginning"
		sincedb_path => "NUL"
		ignore_older => 0
	}
}

filter {
    grok {
        match => { "message" => "%{COMBINEDAPACHELOG}"}
    }
    geoip {
        source => "clientip"
    }
}

output {
	stdout { codec => rubydebug }
}
2

On UNIX you should use "/dev/null" as the sincedb_path to prevent the in-memory sincedb being persisted across restarts. "NUL" is for Windows.

In filebeat, setting ignore_older to zero disables age based filtering. In logstash it tells the input to ignore any files more than zero seconds old, which is all files. Delete this option.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.