I am currently reading a log file to parse it and send the parsed fields to elasticsearch.
The problem that I am facing now is that new lines are constantly being appended to the log file. I have ran into situations when Logstash stopped but the log file is still growing. i have re-run logstash in order to start parsing the newly added lines.
I am facing similar challenge where the newly added lines are not getting picked by LOGSTASH.
Also if i add a new log file in the same directory, the newly added log file is not getting picked up.
Any help in this regard is much appreciated.
Thanks.
I am currently reading a file on a mapped network drive which source is a linux file system server
In my case I am simply doing a proof of concept on my laptop which has windows 7 installed. So all software are running on same machine where the log directory is.
The version that I am using is 2.3.4. What version are you using?
filebeat-5.2.0
logstash-5.2.0
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.