Hi, im kinda new in this ELK Stack things, i’do have a problem with connectiong nginx to logstash => ES. the ELK stack is perfectly run but when im running the logstash to connect logstash and ES it just like this
kyukazami@elkstack:/usr/share/logstash/bin$ ./logstash -f "/etc/logstash/conf.
d/nginx.conf"
Using bundled JDK: /usr/share/logstash/jdk
and nothing happen, but i’do realize when im going to server:5601 i can’t access it. here is my /etc/logstash/conf.d/nginx.conf
input {
file {
path => ["/var/log/nginx/access.log", "/var/log/nginx/error.log"]
type => "nginx"
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}+%{GREEDYDATA:extra_fields}" }
overwrite => [ "message" ]
}
mutate {
convert => { "response" => "integer" }
convert => { "bytes" => "integer" }
convert => { "responsetime" => "float" }
}
geoip {
source => "clientip"
target => "geoip"
add_tag => [ "nginx-geoip" ]
}
date {
match => [ "timestamp", "dd/MM/YYYY:HH:mm:ss Z" ]
remove_field => [ "timestamp" ]
}
useragent {
source => "agent"
}
}
output {
elasticsearch {
hosts => ["xxxxx:9200"]
index => "nginx-%{+YYYY.MM.dd}"
document_type => "nginx_logs"
}
}