Hello im using this ultra simple conf file:
input { snmp { hosts => [{host => "udp:192.168.24.1/161" community => "public" version => "2c" retries => 2 timeout => 1000}] tables => [ {"name" => "interfaces" "columns" => ["1.3.6.1.2.1.2.2.1.2.3", "1.3.6.1.2.1.2.2.1.4.3"]} ] interval => 5 } }
output { stdout {} }
i run it using pragma_admin@pragma:/usr/share/logstash/bin$ sudo ./logstash -f /etc/logstash/conf.d/snmp.conf
the resulting window prints:
Using bundled JDK: /usr/share/logstash/jdk OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release. WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults Could not find log4j2 configuration at path /usr/share/logstash/config/. Using default config which logs errors to the console [INFO ] 2022-03-24 13:03:43.763 [main] runner - Starting Logstash {"logstash.version"=>"8.1.1", "jruby.version"=>"jruby 9.2.20.1 (2.5.8) 2021-11-30 2a2962fbd1 OpenJDK 64-Bit Server VM 11.0.14.1+1 on 11.0.14.1+1 +indy +jit [linux-x86_64]"} [INFO ] 2022-03-24 13:03:43.770 [main] runner - JVM bootstrap flags: [-Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djruby.compile.invokedynamic=true, -Djruby.jit.threshold=0, -Djruby.regexp.interruptible=true, -XX:+HeapDumpOnOutOfMemoryError, -Djava.security.egd=file:/dev/urandom, -Dlog4j2.isThreadContextMapInheritable=true, --add-opens=java.base/java.security=ALL-UNNAMED, --add-opens=java.base/=ALL-UNNAMED, --add-opens=java.base/java.nio.channels=ALL-UNNAMED, --add-opens=java.base/=ALL-UNNAMED, --add-opens= [WARN ] 2022-03-24 13:03:44.117 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified [INFO ] 2022-03-24 13:03:45.772 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9600, :ssl_enabled=>false} [INFO ] 2022-03-24 13:03:46.462 [Converge PipelineAction::Create] Reflections - Reflections took 137 ms to scan 1 urls, producing 120 keys and 417 values [INFO ] 2022-03-24 13:03:47.091 [Converge PipelineAction::Create] javapipeline - Pipeline main is configured with pipeline.ecs_compatibility: v8 setting. All plugins in this pipeline will default to ecs_compatibility => v8 unless explicitly configured otherwise. [INFO ] 2022-03-24 13:03:47.209 [[main]-pipeline-manager] javapipeline - Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>500, "pipeline.sources"=>["/etc/logstash/conf.d/snmp.conf"], :thread=>"#<Thread:0x7bd39b12 run>"} [INFO ] 2022-03-24 13:03:47.893 [[main]-pipeline-manager] javapipeline - Pipeline Java execution initialization time {"seconds"=>0.68} [INFO ] 2022-03-24 13:03:47.933 [[main]-pipeline-manager] snmp - using plugin provided MIB path /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-input-snmp-1.3.1/lib/mibs/logstash [INFO ] 2022-03-24 13:03:47.952 [[main]-pipeline-manager] snmp - using plugin provided MIB path /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-input-snmp-1.3.1/lib/mibs/ietf [INFO ] 2022-03-24 13:03:50.635 [[main]-pipeline-manager] snmp - ECS compatibility is enabled but target option was not specified. This may cause fields to be set at the top-level of the event where they are likely to clash with the Elastic Common Schema. It is recommended to set the target option to avoid potential schema conflicts (if your data is ECS compliant or non-conflicting, feel free to ignore this message) [INFO ] 2022-03-24 13:03:50.640 [[main]-pipeline-manager] javapipeline - Pipeline started {""=>"main"} [INFO ] 2022-03-24 13:03:50.694 [Agent thread] agent - Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>}
AND nothing else im running ubuntu 20.04.4 install logstash .deb via apt install
the host IS accessible and responds in a fraction of a second here is a snmwalk testing one of the oid
pragma_admin@pragma:/usr/share/logstash/bin$ sudo snmpwalk -v2c -cpublic 192.168.24.1 1.3.6.1.2.1.2.2.1.2.3 iso.3.6.1.2.1.2.2.1.2.3 = STRING: "ether1 Hacia Internet"
please help the consulted data is not showing in the shell