Mapping definition for [geoip] has unsupported parameters: [path : full]”}}}}, :level=>:warn}

Rajaram_Surimenu · December 3, 2015, 9:18am

Hi,

I am trying to connect to remote host of elastic search using logstash. Taken a sample /var/log/message and given as input file path in my logstash.conf. Here is the conf file which i am using :

input {
file {
path => "/tmp/access_log"
start_position => "beginning"
type => "syslog"
sincedb_path => "nul"
}
}
output {
elasticsearch { hosts => [":9200"]
template_overwrite => "true"
}

}

and my /tmp/access_log contains simple logmessage :

Dec 3 08:45:23 ip- dhclient[1852]: DHCPACK from (xid=0x14eec1ec)

But i am getting a message saying -

:response=>{"index"=>{"index"=>"logstash-2015.12.03", "type"=>"syslog", "id"=>nil, "status"=>400, "error"=>{"type"=>"mapperparsing_exception", "reason"=>"mapping [default]", "caused_by"=>{"type"=>"mapper_parsing_exception", "reason"=>"Mapping definition for [geoip] has unsupported parameters: [path : full]"}}}}, :level=>:warn}

and also please let me know how to create index automatically.. awaiting for your reply. Thanks In advance.

magnusbaeck · December 3, 2015, 9:24am

What version of Logstash and Elasticsearch? What's the contents of the "logstash" index template (use the API to obtain it)?

please let me know how to create index automatically

You mean automatically create an index when the first document is indexed? That's the default.

Rajaram_Surimenu · December 3, 2015, 9:44am

I am using logstash-2.1 and elastic search-2.0.0

magnusbaeck · December 3, 2015, 9:50am

Thanks. Please answer the remaining questions I had.

Rajaram_Surimenu · December 3, 2015, 9:54am

and i am not using any index template as index expected to be create automatically. I am expecting a basic log message to be pushed to elastic using logstash..If there is anybasic examples also please give me reference i will try out myself.

magnusbaeck · December 3, 2015, 10:01am

and i am not using any index template as index expected to be create automatically.

I'm sorry, but if you won't answer my questions despite repeated requests I can't help you. Good luck.

Rajaram_Surimenu · December 3, 2015, 10:07am

please..Here are the versions : logstash-2.1 and Elasticsearch-2.0.0 . I am not using any logstash index templates. Yes i am expecting to create indexes automatically.