Read .asl Log-Files on Mac OS X from "/var/log/servermetricsd/"

beelastic · June 22, 2016, 7:28am

Hello everyone!
I want to use my ELK stack to monitor couple of Mac Servers.
The log files are located in "/var/log/servermetricsd/" and have the file extension "*.asl".
I use Logstash with the following configuration:

input {
file {
path =>["/var/log/.log","/var/log/servermetrics/.asl"]
codec => plain {
charset =>"BINARY"
}
}
}
output {
elasticsearch {
hosts => "10.10.100.90:9200"
index =>"macserver-%{+YY.MM.dd}"
}
}

The log files from "/var/log/*.log" are processed well, but i dont get the asl files.

.asl file Information: application/octet-stream; charset=binary

Any ideas?

theuntergeek · June 22, 2016, 1:18pm

Binary isn't a character set. Logstash ingests text data by default, and can only ingest binary data by way of a special plugin, designed to convert said binary format back into text.

beelastic · June 22, 2016, 1:30pm

Thank you very much for the reply! (: