Rabbotmq to Elasticsearch

ericd · September 30, 2017, 10:30am

I have a problem with transporting filtered logs to Elasticsearch.

This is an overview:
syslog device -> syslog-ng -> rabbitmq -> logstash input (no filters) -> logstash elasticsearch output

Elastic stack is v5.6
In rabbitmq everything seems fine. Inputs ok and logstash getting messages from output queue .
ES client, logstash and rabbimq are on the same virtual server.

input {
  rabbitmq {
  host => '10.10.10.11'
  port => 5672
  vhost => 'logstash'
  user => 'output_user'
  password => 'pass'
  durable => true
  exchange => 'syslog_exchange'
  key => 'key1'
  queue => 'out_logstash_queue'
  type => "rmq"
  subscription_retry_interval_seconds => '5'
  }
}

output {
  if [type] == "rmq" {             #tried and without this IF
     elasticsearch {
     hosts => ["10.10.10.11:9200"]  #tried and with http
     index => "rmq-%{+YYYY.MM.dd}"
    }
  }
}

This output is working for every other input (i removed all other to test just this one).
What i am missing?

warkolm · October 1, 2017, 9:58pm

What happens if you have a stdout in the output, does it show events?

system · October 29, 2017, 9:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Rabbitmq as logstash input Logstash	5	8124	August 31, 2017
Filebeat -> logstash -> rabbitmq -> logstash -> elasticsearch Logstash	9	1018	September 30, 2019
RabbitMQ output plugin Logstash	2	305	July 16, 2020
Rabbitmq output plugin Logstash	3	197	March 5, 2024
ConfigurationError", :message=>"Expected one of #, input, filter, output at line 1, column 1 Logstash	7	15386	December 9, 2018

Rabbotmq to Elasticsearch

Related Topics