Logstash & NSSM Windows - Variable for FQDN

londonx · October 19, 2018, 1:39pm

Has anyone managed to get the host FQDN ingested into Logstash when running it as a Windows Service via NSSM?

filter {
mutate { 
	add_field =>  {
                "HostFQDN" => "${COMPUTERNAME}.${USERDNSDOMAIN}"

So this works running \bin\logstash.bat from the command line as both %COMPUTERNAME% and %USERDNSDOMAIN% are env variables accessible from Command Line.

However when \bin\logstash.bat is run as a Service via NSSM it only reads in the ${COMPUTERNAME} variable and not ${USERDNSDOMAIN}. In fact bizarrely it reads in quite a lot of the Windows Env Variables but not all of them, even a couple of 'Standard' Windows variables are not read in e.g. ${LOGONSERVER}.

I tried a work around by creating a separate runme batch file to launch \bin\logstash.bat, but again it only adds both variables when run by itself and if runme.bat is called by the NSSM Windows Service then it can't read the %USERDNSDOMAIN% variable.

Anyone with a cunning idea on how to ingest the host FQDN into Logstash when run as a Service via NSSM?

Seems strange that Logstash itself doesn't read in the FQDN as its own internal variable like it does for "host" which is just the server name.

Thanks

wwalker · October 24, 2018, 9:26pm

Are you mass deploying this out? If not, have you tried manually setting the env variable on the target machine?

londonx · October 25, 2018, 2:09pm

Hi ideally it would be part of a mass-deploy and servers are on different domains so was hoping to just use the env variable to grab that information.

The env variables %COMPUTERNAME% and %USERDNSDOMAIN% are already set in Windows and echo correctly from the command line.

If I run logstash.bat from the Command Line it picks them up ok but if logstash.bat is called by the nssm Windows Service wrapper it fails to pick up the %USERDNSDOMAIN% variable but strangely still picks up a lot of the other Standard Windows Variables like %COMPUTERNAME%.

I've seen people talk about using jruby plugin to import variables so may look at that.

system · November 22, 2018, 2:09pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Hostname not extracted when i run logstash as a service on rhel Logstash	7	237	December 24, 2023
Windows Environment Variables not accessible when Logstash is run as a service Logstash	1	195	May 19, 2022
Does the input and output plugins support variables? Logstash	3	501	May 19, 2017
Split FQDN Logstash	3	905	March 9, 2021
Logstash environment plugin doesn't seem to work Logstash	7	2161	July 6, 2017

Logstash & NSSM Windows - Variable for FQDN

Related topics