Hi,
I'm trying the elk stack for analyze and visualize data. I tried to configure logstash for standard output and elastisearch. If I only output to screen, it shows 5 records, perfect. If I set the output to elasticsearch, the outcome sometimes is 3, 4, which is not the exactly the same as what I input. I tried to search in google / forum, but didn't find any solution.
Sample config and data show as below:
sample.json
{"ID":"ABCDEFA"}
{"ID":"ABCDEFB"}
{"ID":"ABCDEFC"}
{"ID":"ABCDEFD"}
{"ID":"ABCDEFE"}
sample.config:
input {
file {
codec =>"json"
path => ["/data/sample/user/sample.json"]
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
index => "ycp-dashboard-sample-user"
}
stdout { codec => rubydebug }
}