Here are my settings .... what am i missing?
cat logstash.yml | grep -v "#"
node.name: p-gp2-es46-4.*****
path.data: /data/logstash
http.host: "p-gp2-es46-4."
path.logs: /var/log/logstash
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.url: http://p-gp2-es46-8.:9200
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: *****
cat pipelines.yml
-
pipeline.id: beats_pipeline
path.config: "/etc/logstash/pipelines/syslog_pipeline.conf"
cat pipelines/syslog_pipeline.conf
input {
beats {
client_inactivity_timeout => 120
port => 5044
}
}
filter {
}
output {
if "sys_log" in [tags] {
if "_grokparsefailure" in [tags] {
file {
path => "/var/log/logstash/_grokparsefailure/grokparsefailure_sys_log.log"
}
}
elasticsearch {
hosts => "d-gp2-es46-8.*****:9200"
manage_template => false
index => "%{[@metadata][beat]}-%{[@metadata][version]}-sys-log-%{+YYYY.MM.dd}"
}
}
}