We are using Logstash-forwarder to send Nginx access logs to remote Logstash server, but there is something strange, that the access.log file size is 0 byte and nginx is writing to access.log.1 ( I know this is not the right place to ask Why).
Here is Logstash-forwarder configuration:
{
"files": [
{
"paths": [
"/var/log/nginx/access.log"
],
"fields": { "type": "nginx-access" }
},
]
}
And Here is the ls for nginx folder
root@eg-lb:~# ls -alh /var/log/nginx
total 355M
drwxr-x--- 2 www-data adm 4.0K Jun 2 06:16 .
drwxr-xr-x 14 root root 4.0K Jun 5 06:16 ..
-rw-r----- 1 www-data adm 0 Jun 2 06:16 access.log
-rw-r----- 1 www-data adm 355M Jun 5 19:59 access.log.1
But everything I can see in access.log.1 when I tail, I find it also in our ELK stack!
So, can anyone tell me what's wrong?