Pipelines running {:count=>1, :pipelines=>["main"]}

Elastic Stack Logstash
1

when I execute the command, I get this. I created my test.conf file in bin folder itself.

C:\Users\vemula.pranavi\Desktop\ELK\logstash-6.2.4\bin>logstash -f test.conf
Sending Logstash's logs to C:/Users/vemula.pranavi/Desktop/ELK/logstash-6.2.4/logs which is now configured via log4j2.properties
[2018-06-05T16:13:35,464][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"fb_apache", :directory=>"C:/Users/vemula.pranavi/Desktop/ELK/logstash-6.2.4/modules/fb_apache/configuration"}
[2018-06-05T16:13:35,495][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"netflow", :directory=>"C:/Users/vemula.pranavi/Desktop/ELK/logstash-6.2.4/modules/netflow/configuration"}
[2018-06-05T16:13:35,819][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-06-05T16:13:36,442][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.2.4"}
[2018-06-05T16:13:36,910][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-06-05T16:13:39,719][INFO ][logstash.pipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>2, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
[2018-06-05T16:13:40,235][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://localhost:9200/]}}
[2018-06-05T16:13:40,235][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://localhost:9200/, :path=>"/"}
[2018-06-05T16:13:40,438][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2018-06-05T16:13:40,500][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>6}
[2018-06-05T16:13:40,500][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>6}
[2018-06-05T16:13:40,532][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2018-06-05T16:13:40,563][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"default"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
[2018-06-05T16:13:40,625][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//localhost:9200"]}
[2018-06-05T16:13:41,782][INFO ][logstash.pipeline ] Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x3bcbdf89 run>"}
[2018-06-05T16:13:41,860][INFO ][logstash.agent ] Pipelines running {:count=>1, :pipelines=>["main"]}

this is my test.conf file

input {
file {
path => "D:/software/logstash-6.2.4/Mylogs/*"
start_position => "beginning"
}
}
filter {
}
output {
elasticsearch {
hosts => ["localhost:9200"]
}
}

2

That looks like a normal startup. What problem are you having?

3

I'm not able to get data in kibana.

4

If logstash has previously read a file it will save how far it got in the sincedb, and start from that point when it is restarted. Have you appended more data to one of the file in the path since logstash was restarted?

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.