Hi,
I'm new to ELK and have recently got the ELK stack to work on an Amazon Web Services t2.medium instance.
My problem is that I can't get Logstash run my configuration file, which is throwing an error.
I get this error when I run the command:
./logstash -f ./etc/logstash/conf.d/test-logstash.conf -v
Output:
translation missing: en.logstash.runner.configuration.file-not-found {:level=>:error}
starting agent {:level=>:info}
The data I want logstash to input is a large text file called: log.txt
Here are some of the lines found in the log.txt file:
2003-02-20 20:38:52.067 d_HbHS_t 42.7
2003-02-20 20:38:56.067 d_HbHS_t 42.7
2003-02-20 20:39:00.067 d_HbHS_t 42.7
2003-02-20 20:39:04.067 d_HbHS_t 43.4
2003-02-20 20:39:08.067 d_HbHS_t 42.7
2003-02-20 20:39:12.067 d_HbHS_t 42.7
Here I have a date (YYYY-MM-dd), time(HH:mm:ss:micro-seconds), parameter_name, parameter_value
Here is my configuration file for logstash:
input {
file {
path => "/home/ubuntu/data/log.txt"
type => "syslog"
start_position => beginning
}
}
filter {
grok {
match => { "message" => "%{DATESTAMP:timestamp} %{WORD:parameter} %{NUMBER:value:float}"}
}
}
output {
stdout {
codec => rubydebug
}
elasticsearch {
action => "index"
hosts => ["localhost:9200"]
index => "test-logstash-config"
}
}
Any insight into why there is a translation error will greatly appreciated.