Read multiple log

mohammed_cherif · June 20, 2017, 4:09pm

i want index multiple log with one input but logstash not read files

my config :

  input {
        file {
    		path => "C:/data1/log/*.log"
    		start_position => "beginning"
            sincedb_path => "/dev/null"
    		 type => "bctLog"
            }
    }


filter {

grok {
   match => { "message" => "%{MONTH:month} %{NUMBER:day}, %{YEAR:year} %{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second}:%{NUMBER:milli}: %{LOGLEVEL:log-level} [%{DATA:threadName}\] took %{NUMBER:duration} ms." }
}
mutate {
    add_field => { 
        "eventTime" => "%{hour}:%{minute}:%{second} %{month} %{day} %{year}"
    }
}
mutate {
   convert => { "duration" => "integer" }
}
date {
    match => [ "eventTime" , "HH:mm:ss MMM d yyyy" , "HH:mm:ss MMM dd yyyy" ]
    locale => "en"
}
            
mutate {
  remove_field => [ "year", "month", "day", "time","message","frmwk","host","path","hour","minute","second","milli"]
}
            
}
output {
    elasticsearch {
        index => "cfrbif-multiple"
        hosts => "localhost:9200"
    }
  stdout { codec => json }
}

Please help.
Thanks

magnusbaeck · June 21, 2017, 9:44am

On Windows use sincedb_path => "nul" instead of sincedb_path => "/dev/null".

mohammed_cherif · June 29, 2017, 1:31pm

Thank's

system · July 27, 2017, 1:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash input multiple files output one index elasticsearch failure Logstash	3	2741	February 24, 2017
Logstash Multiple File Inputs Logstash	3	20772	July 6, 2017
Multiple output in logstash config, pls help! Logstash	7	4096	December 20, 2016
How does sincedb work for a Logstash reading multiple files from a single directory? Logstash	6	12009	October 7, 2017
Sincedb, file input plugin used in multiple Logstash process Logstash	1	1130	July 6, 2017

Read multiple log

Related topics