Hello,
I have all my environment configured and tested using the command bin/logstash -f myfile.conf --config.reload.automatic and everything works fine. Elasticsearch generates indices, all the filters defined in my .conf file are working as expected.
When I try to start Logstash with systemctl start logstash, it is started and I can see the process running under the logstash username.
The point is that no log files are being generated under /var/log/logstash directory. I already changed the ownership and permissions for this directory and also verified the path.logs configuration in logstash.yml file.
I have noticed that when I run Logstash with the test command, the following errors are reported:
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console
Where should I verify if those path are correctly configured? Is this log4j2.properties error the reponsible for log files not being generated?
My environment is SLES 12. Logstash and other stack members were installed with RPM packages.
Thanks!