When i enabled logstash as service, configuration files are not giving the output as expected, where as when i ran as process separately those are working fine.
Please let me know if we run logstash as service do we need to alter the /etc/init.d/logstash file, if yes what are all the changes?
Even if you use multiple configuration files they are effectively treated as a single large file. Logstash has a single event pipeline where events from all inputs are passed to all filters and outputs unless you use conditionals to restrict which filters and outputs receive which events.
So all events from the file and redis will be sent to the redis, elasticsearch, and email outputs. As I said, if this isn't what you want you need to use conditionals. However, in your case I'd run multiple Logstash instances.
unix-shipper.conf and unix-indexer.conf files are already at separate servers, all shipper configuration files are getting marked with same type(eg: type:unix even for windows and vpn )
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.