System hangs : Sending Logstash's logs to /var/log/logstash which is now configured via log4j2.properties

Elastic Stack Logstash
1

I have used the following command ,

bin/logstash -f "/etc/logstash/conf.d/first-pipeline.conf" --path.settings=/etc/logstash

However the system just shows the following message and then nothing happens

Sending Logstash's logs to /var/log/logstash which is now configured via log4j2.properties

The contents of first-pipeline.conf is as follows:
input
{

  file
  {
        path => "/var/log/elasticsearch/app1.log"

        sincedb_path => "/dev/null"
        start_position => "beginning"

        type => "doc"
  }
}
filter
{


       grok
       {

          match => [ "message", "\[%{TIMESTAMP_ISO8601:timestamp}\]\[%{DATA:loglevel}%{SPACE}\]\[%{DATA:source}%{SPACE}\]%{SPACE}(?<message>(.|\r|\n)*)" ]


       }
}
output
{

      stdout
      {
      codec => rubydebug
      }

}

The logstash log file has the following content
[ 2018-08-13T02:34:37,744][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>500}
[2018-08-13T02:34:37,927][INFO ][logstash.pipeline ] Pipeline main started
[2018-08-13T02:34:37,995][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-08-13T02:48:53,139][WARN ][logstash.runner ] SIGINT received. Shutting down the agent.
[2018-08-13T02:48:53,144][WARN ][logstash.agent ] stopping pipeline {:id=>"main"}
[2018-08-13T02:49:08,903][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>500}
[2018-08-13T02:49:09,156][INFO ][logstash.pipeline ] Pipeline main started
[2018-08-13T02:49:09,256][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[root@bdl02node02 logstash]# cat logstash-plain.log
[2018-08-13T02:34:37,744][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>500}
[2018-08-13T02:34:37,927][INFO ][logstash.pipeline ] Pipeline main started
[2018-08-13T02:34:37,995][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-08-13T02:48:53,139][WARN ][logstash.runner ] SIGINT received. Shutting down the agent.
[2018-08-13T02:48:53,144][WARN ][logstash.agent ] stopping pipeline {:id=>"main"}
[2018-08-13T02:49:08,903][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>500}
[2018-08-13T02:49:09,156][INFO ][logstash.pipeline ] Pipeline main started
[2018-08-13T02:49:09,256][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}

Any suggestions please?

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.