The given configuration is invalid error

Ruthvik_Sai · December 3, 2018, 12:01pm

Hi,

The error I am getting is as follows:

Sending Logstash logs to C:/logstash/logs which is now configured via log4j2.properties
[2018-12-03T17:04:03,950][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-12-03T17:04:05,051][FATAL][logstash.runner ] The given configuration is invalid. Reason: Expected one of #, {, ,, ] at line 10, column 13 (byte 173) after filter {
mutate {
gsub => [
"event_data.NewProcessName", ".OUTLOOK.*", "outlook.exe"

[2018-12-03T17:04:05,076][ERROR][org.logstash.Logstash ] java.lang.IllegalStateException: Logstash stopped processing because of an error: (SystemExit) exit

My configuration file is:

input {
beats {
port => "5044"
}
}
filter {
mutate {
gsub => ["event_data.NewProcessName", ".OUTLOOK.", "outlook.exe"]
#"event_data.NewProcessName", ".WINWORD.", "word.exe"
}
}
output{
elasticsearch {
hosts => ["localhost:9200"]
}
}

Can you please help me in resolving the error...

Thanks
Regards

system · December 31, 2018, 12:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.