Sincedb data logic

Bostjan · November 29, 2017, 10:40am

Hello!

I have a question regarding how file information is stored in sincedb file. As I understand, structure of file is file inode/major device name/minor device name/byte offset.

What I can see is that all of this information differs from what I get from OS, as example below:

data in sincedb:

7260325595195829238 0 90 13990821

data from system:

Device: 26h/38d Inode: 11186418478513722378 Links: 1

From system, I would presume major device number is 2 and minor is 6. Also inode number is different.

Would anyone be so kind to explain how this transition is done?

Thank you and best regards,
Bostjan

JKhondhu · December 1, 2017, 10:45am

Hi,
Cool question. How did you get these system stats?

Bostjan · December 1, 2017, 10:58am

Hello,

I used "stat" + filename.

Have to point out I am running Logstash in docker (possible reason?).

Best regards,
Bostjan

system · December 29, 2017, 10:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Sincedb file in windows Logstash	2	1818	July 6, 2017
SinceDB naming convention Logstash	4	1782	July 6, 2017
Logstash with GlusterFS, sincedb issue Logstash	1	643	December 25, 2017
Interpreting sincedb file Logstash	2	285	May 18, 2020
How does sincedb work for a Logstash reading multiple files from a single directory? Logstash	6	12012	October 7, 2017

Sincedb data logic

Related topics