I am trying to index the data from logs file to elastisearch but I was unable to do so because after the Logstash Startup completed message appears nothing actually happens. So I changed conf file to
input {
file {
path => "/home/ayush/Desktop/logstash-tutorial-dataset"
start_position => "beginning"
}
}
output {
stdout {}
}
So the data of logstash-tutorial-dataset should gets printed on terminal but it isn't. Please help me with this.
What happens if you add sincedb_path => "/dev/null" to your file input?
Or read these docs: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-file.html#_tracking_of_current_position_in_watched_files
Thanks for the reply, it solved my problem. But I have couple of questions on this.
}
I am able to get the value printed through stdout on terminal as well as the .txt file gets created but no data is present in the ltd.txt file .How can I solve this?
How does adding sincedb_path => "/dev/null" solved my problem. What it actually did?
It tells Logstash to read the sincedb information from /dev/null, basically an empty file, thereby not paying attention to the old sincedb file which contained the current position in the file. The start_position option only matters for new and previously unseen files. If Logstash has processed a file it won't process it again regardless of the start_position option.
Can you please help me with the sceond question as well?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.