Hello All,
I have installed the EFK stack with the latest build on my AWS instances to forward logs to a centralized log server. Earlier I was using the Syslog plugin to forward all logs, but it was not able to forward Java stack traces.
I reconfigured td-agent and started using the tail plugin with multiline format. Now I am not able to see data in the Kibana GUI; however, I checked through curl and it's available in Elasticsearch.
My td-agent information.
Version:- td-agent-2.3.0-0.el7.x86_64
-------------------------------------td-agent.conf--------------------------------
Fluentd Server configuration
Output descriptions:
To elasticsearch
<match **>
type copy
type elasticsearch
include_tag_key true
tag_key @log_name
logstash_format true
flush_interval 5s #debug
host x.x.x.x
port 9200
index_name fluentd
type_name fluentd
match tag=debug.** and dump to console
type stdout
match tag=debug.** and dump to console
#<match **>
type stdout
#
Source descriptions:
built-in TCP input
@see http://docs.fluentd.org/articles/in_forward
type forward
###############################################
<match **>
type forward
send_timeout 10s
recover_wait 5s
heartbeat_interval 1s
phi_threshold 16
hard_timeout 60s
Forward access log to Fluentd Server
type tail
format multiline
format_firstline /^\[/
format1 /^\[[^ ]* (?[^\]]*)\] *(?[^ ]*) (?[^\n]*(\n^[^\[].*|$))/
path /tmp/test.log
tag myapp
# Select a file to store offset position
pos_file /tmp/test.pos
# time_format %d/%b/%Y:%H:%M:%S %z
------------------------------------------------------------------------------------------------------------------------------------------
My Elasticsearch version:- elasticsearch-2.1.1-1.noarch
My Kibana version.
kibana-4.3.1-linux-x64
Kindly help me out to troubleshoot this issue; also let me know if any other detail is required.
Thanks in advance.
Regards,
Rohit Sharma
rohitrsh@gmail.com
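Added example, not part of the original post: a small Python emulation of how a first-line pattern such as the `format_firstline /^\[/` above groups a Java stack trace into one record before the fields are extracted. The group names `time`, `level` and `message` and the sample log are assumptions constructed for illustration; the emulation is a simplification and is not Fluentd's own code.

```python
import re

# The post's format_firstline: a new record starts at a line beginning with "[".
FIRSTLINE = re.compile(r"^\[")

# Shaped like the post's format1; the group names are assumed, because the
# names in the posted config were lost. DOTALL lets "message" span the trace.
RECORD = re.compile(
    r"^\[[^ ]* (?P<time>[^\]]*)\] *(?P<level>[^ ]*) (?P<message>.*)",
    re.DOTALL,
)

# Constructed sample log (not taken from the post).
SAMPLE = """\
[2016-01-20 10:15:01] INFO Service started
[2016-01-20 10:15:02] ERROR Request failed
java.lang.NullPointerException: null
\tat com.example.App.handle(App.java:42)
\tat com.example.App.main(App.java:10)
[2016-01-20 10:15:03] INFO Request served
"""


def group_records(lines):
    """Buffer lines until the next first-line match, then emit one record."""
    buf = []
    for line in lines:
        if FIRSTLINE.match(line):
            if buf:
                yield "\n".join(buf)
            buf = [line]
        elif buf:
            # Continuation line (e.g. a stack frame) joins the open record.
            buf.append(line)
        # Lines seen before any first-line match are dropped.
    if buf:
        # Simplification: flush the last record at end of input.
        yield "\n".join(buf)


def parse(text):
    """Return one dict of fields per grouped record."""
    records = []
    for raw in group_records(text.splitlines()):
        m = RECORD.match(raw)
        records.append(m.groupdict() if m else {"unparsed": raw})
    return records


if __name__ == "__main__":
    for rec in parse(SAMPLE):
        print(rec)
```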