Running my first Logstash *.conf file and need your help

Elastic Stack Logstash
1

Hi all,

I'm new with it, so be patient to me.

I successfuly succeeded runing my first "test" in Logstash (or maybe I didn't .. this is my question).
I tried to read an XML file from a directory, and output the result to a different file (the code is at the end).

My questions are:
(1) Where I need to see the results? (Does when I'm running Logstash, I need to see the output file? or I need to do another thing in order to run it?)
(2) Can I run it in debug mode, so I can see if I really succeeded or not.

I installed ES, Kibana and Logstash on a Windows 2016 server.
I installed all Input, Output filters as long as the codec filters.
I have on my machine also X-Pack

My code is:
input {
file {
path => "C:\IN*.xml"
codec => multiline {
pattern => "<Item "
negate => "false"
what => "next"
}
}
}
filter
{
xml
{
store_xml => "false"
source => "Item"
xpath =>
[
"/Item/@ItemSeqNo", "TID",
"/Item/@RoutNo", "routID",
"/Item/@Amount", "Amount",
"/Item/@CurrencyInd", "Currency",
"/Item/@SerialNo", "CNumber",
"/Item/@ANo", "AccountNo",
"/Item/@PresentmentDate", "Date",
"/Item/AddendA/@DAcct", "CAc"
]
}
}
output
{
file {
path => "C:\ES-OUT\T%{/Item/@ItemSeqNo}.txt"
}
}

Please kindly advise

3

(1) Where I need to see the results?

Your only output is a file output that writes to C:\ES-OUT\T%{/Item/@ItemSeqNo}.txt so that's where you should inspect the results.

(Does when I'm running Logstash, I need to see the output file? or I need to do another thing in order to run it?)

I don't understand this.

(2) Can I run it in debug mode, so I can see if I really succeeded or not.

Logstash's log level is configurable, e.g. via command-line options. See the documentation.

4

Thanks Magnus for your reply.

I ment to ask, what is the triger that fires the action?
Is it the presense of file(s) in the 'IN' directory or is it something else.

Can you kindly refer me to Logstash log configuration? I'm not sure I found
the right one.

Thank you for your effort

5

Hi Hilda,

Thank you for the positive feedback.
I'm not familier with "Assignment Writing Help
http://www.writing-victors.co.uk/assignment-services/", therefor
unfortunatly I didn't used it.
I will try it

6

I ment to ask, what is the triger that fires the action?
Is it the presense of file(s) in the 'IN' directory or is it something else.

Yes. The filename pattern in your file input will be scanned every 15 seconds or so and any new files will get picked up. However, your current configuration will not read files from the beginning so it's probably not very useful. Have a look at the start_position option.

Can you kindly refer me to Logstash log configuration?

7

Thanks!!!

8

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.