Old logs need to be indexed

Hi all, I'm new to the ELK environment. I have some old logs (a month old) that I want to index. When I run Logstash with the output set to {stdout => rubydebug}, I get the result. But doing the same with elasticsearch {} enabled doesn't fetch any result. I'm not sure what the reason could be; I suspect it has something to do with @timestamp. Please advise me on this or point me to a guide/tutorial. Thanks in advance.

Logstash remembers how far files have been processed, so the second time you run Logstash it won't reprocess the files. To disable this behavior and parse files from the top, set the file input's sincedb_path option to "/dev/null" (unless you're on Windows) or "nul" (if you're on Windows) and set start_position => "beginning".
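
A pipeline configuration with the two file input settings from the reply above in place. This is an added example, not part of the original reply; the log path and the Elasticsearch host are assumptions for illustration.

```logstash
input {
  file {
    # Assumed path for illustration; point this at the old log files.
    path => "/var/log/old/*.log"
    # Read each file from the top instead of only tailing new lines.
    start_position => "beginning"
    # Do not persist read offsets, so every run starts over.
    # On Windows use "nul" instead of "/dev/null".
    sincedb_path => "/dev/null"
  }
}

output {
  # Keep stdout while testing so you can see that events are produced.
  stdout { codec => rubydebug }
  elasticsearch {
    hosts => ["localhost:9200"]   # assumed local Elasticsearch instance
  }
}
```

With the sincedb disabled, every run re-reads the files in full, so running this more than once against the same index stores the same events again as duplicates.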

Thanks for the prompt reply, Magnus.
