Logstash snmptrap

Hi all,

I want to use logstash-snmptrap to collect SNMP messages. The Logstash log does not show any error, but elasticsearch-head does not show any index.
I use "snmptrap -v 2c -c public 172.32.1.2:1062 '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 123456" from another Linux machine to send the command, with no problem.
I don't know how to write the .conf for SNMP.
I checked with "/usr/share/logstash/bin/logstash -f snmp.conf -t" and it is OK.

I don't know how to send to Elasticsearch.

[root@elk-test conf.d]# /usr/share/logstash/bin/logstash -f system.conf -t
WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults
Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console
[WARN ] 2018-08-16 17:33:52.556 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified
Configuration OK
[INFO ] 2018-08-16 17:33:59.665 [LogStash::Runner] runner - Using config.test_and_exit mode. Config Validation Result: OK. Exiting Logstash

input {
  snmptrap {
    #id => "0001"
    community => ["public"]
    host => "0.0.0.0"
    port => 1602
    type => "snmplog"
  }
}
output {
  elasticsearch {
    hosts => ["172.32.1.2:9200"]
    index => "snmplog-%{+YYYY.MM.dd}"
  }
}
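
An added example, not part of the original post or of Logstash itself: a small Python check that compares where the snmptrap command sends the trap with where the snmptrap input listens, using the command and input block from the post as inline input. The function names are hypothetical, the command parser assumes every leading option takes a value (as -v and -c do), and the defaults used when a value is absent (UDP 162 for the sender, UDP 1062 and "public" for the input) are the documented ones.

```python
import re
import shlex

# Inputs copied from the post above so the check runs offline.
SENDER_CMD = ("snmptrap -v 2c -c public 172.32.1.2:1062 '' "
              "1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 123456")
LOGSTASH_CONF = '''
input {
  snmptrap {
    community => ["public"]
    host => "0.0.0.0"
    port => 1602
    type => "snmplog"
  }
}
'''

def sender_target(cmd):
    """Return (host, port, community) from a net-snmp snmptrap command line."""
    args = shlex.split(cmd)[1:]
    opts, i = {}, 0
    while i < len(args) and args[i].startswith("-"):  # assumes option + value pairs
        opts[args[i]] = args[i + 1]
        i += 2
    host, _, port = args[i].partition(":")
    return host, int(port or 162), opts.get("-c")

def listener_settings(conf):
    """Return (port, communities) of the first snmptrap input in a pipeline config."""
    block = re.search(r"snmptrap\s*\{(.*?)\}", conf, re.S).group(1)
    port = re.search(r"^\s*port\s*=>\s*(\d+)", block, re.M)  # skips '#' comment lines
    comm = re.search(r"^\s*community\s*=>\s*(\[.*?\]|\".*?\")", block, re.M)
    communities = re.findall(r'"([^"]*)"', comm.group(1)) if comm else ["public"]
    return (int(port.group(1)) if port else 1062), communities

def check(cmd, conf):
    """List the mismatches between the trap sender in cmd and the listener in conf."""
    _, s_port, s_comm = sender_target(cmd)
    l_port, l_comms = listener_settings(conf)
    problems = []
    if s_port != l_port:
        problems.append(f"sender targets UDP {s_port}, listener binds UDP {l_port}")
    if s_comm not in l_comms:
        problems.append(f"community {s_comm!r} not in {l_comms}")
    return problems

if __name__ == "__main__":
    for p in check(SENDER_CMD, LOGSTASH_CONF) or ["sender and listener agree"]:
        print(p)
```

SNMP traps travel over UDP, so a trap sent to a port nobody is bound to produces no error on the sender or in the Logstash log, and a `-t` run only validates the config syntax.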
