I have recently started using logstash and am trying to build a sandbox environment to test different parsing.
I have built a test.config file using stdin and cat a data file through it to get stdout display of outcome. Using the same data file I get output (although not knowing of multiline) when input codec of multline is removed and I get no output when it is in config.
Data being cat'ed into logstash.
2017-02-01 08:00:00,114 [126925] DEBUG FixedSqlMembershipProvider - Executing command: Type=StoredProcedure
-- begin statement parameters
That was originally how I had it and it didn't work, so I searched a few suggestions that said quotes might fix it. With or without double quotes, still no output.
thanks for the suggestion .
Your .conf file is proper, I guess for testing purpose you are using only one entry in the log file try it with multiple entries, you will be able to see the output on stdout.
Thanks sayalee, you are correct. Although my original test was 2 log lines, it was 1 multi line and I assumed EOF would trigger output. Adding a dummy line in that closed the multi line triggered output of first occurrence.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.