using logstash 2.3.4
Hello! Newbie to Logstash. Trying to figure out how I should format the input that the sflow codec would accept.
so far all I get is (per line of text in my sflow.input file):
Ignoring Sflow version v808728112 {:level=>:warn}
Ignoring Sflow version v808728112 {:level=>:warn}
Ignoring Sflow version v808728112 {:level=>:warn}
...
Here's my sflow.conf config:
input {
file{
path => "/home/arista/sflow.input"
codec => sflow{}
start_position => "beginning"
sincedb_path => "/dev/null"
}
stdin{}
}
output {
file{
path => "/home/arista/output.log"
}
stdout{}
}
I've tried feeding it ascii based human readable text of the packet as well as the binary representation of that text. Neither option worked.
Could someone please walk me through what I need to feed this code so it accepts the input?
BTW, the sflow input is definitely Sflow v5.
Thanks!