I have NxLog configured to send stuff on that port to the logstash server, but it only sends stuff if something on the other end is configured to receive it, so I hope in this case it's logstash. I found online where other people put other files in the conf.d directory, but the only ones I have in there are the input, filters, and output files though there is a filter in there. That error posted above appears for all the .conf files in that directory.
Just ran /etc/init.d/logstash.rpmsave configtest
and also with -f /etc/logstash
and -f /etc/logstash/conf.d
but they all produce the same error, which I found to be normal
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults ERROR: Unrecognised option '--configtest'
I try to run /usr/share/logstash/bin/logstash -f /etc/logstash.conf
again, but I get these errors to display. There are several errors like this for each [type] in my logstash.conf files
[root@localhost ~]# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/ WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console
[ERROR] 2018-02-16 15:38:27.306 [[main]<tcp] pipeline - A plugin had an unrecoverable error. Will restart this plugin. Plugin: <LogStash::Inputs::Tcp type=>"ftp", port=>5007, id=>"3e7ce27249ce9605710e23e87684adbe6de42a6f-7", enable_metric=>true, codec=><LogStash::Codecs::Line id=>"line_e0ddcd42-ab97-47e2-b311-6a19d1cfb611", enable_metric=>true, charset=>"UTF-8", delimiter=>"\n">, host=>"0.0.0.0", data_timeout=>-1, mode=>"server", proxy_protocol=>false, ssl_enable=>false, ssl_verify=>true, ssl_key_passphrase=><password>> Error: Address already in use
[ERROR] 2018-02-16 15:38:27.309 [[main]<tcp] pipeline - A plugin had an unrecoverable error. Will restart this plugin. Plugin: <LogStash::Inputs::Tcp type=>"iis", port=>5001, codec=><LogStash::Codecs::Line id=>"line_69db6bfb-16b0-4607-8a23-6ee58d709f59", enable_metric=>true, charset=>"UTF-8", delimiter=>"\n">, id=>"3e7ce27249ce9605710e23e87684adbe6de42a6f-2", enable_metric=>true, host=>"0.0.0.0", data_timeout=>-1, mode=>"server", proxy_protocol=>false, ssl_enable=>false, ssl_verify=>true, ssl_key_passphrase=><password>> Error: Address already in use
This is in the logstash-stderr log
/usr/share/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-5.0.4/lib/elasticsearch/transport/transport/connections/connection.rb:117 warning: out of Float range
and this in the logstash-stdout log
2018-02-16 13:40:20,216 main ERROR Unable to create file /var/log/logstash/logstash-plain.log java.io.IOException: No such file or directory
but that log file should be created if it doesn't exist