Hi All -
I am brand new to the Elasticsearch products and am just trying to learn and get my hands on them. I need your help / suggestions to overcome the issues. Can you please guide me here?
Here is where I am - I managed to set up the pipeline successfully, and am able to load sample logs to Logstash and to Kibana. However, when I try to load the user logs from my custom application, the log is not consumed despite Logstash running. Can you please help with what could be the cause and the next steps to consider?
Checks done from my side:
- verified configurations in logstash.yml
- verified configurations in filebeat.yml
- pipeline conf. looks good
- grok filter - I feel it's OK but not sure. I am just trying to filter with the "Started" keyword from the log
filter {
  grok {
    match => { "message" => "%{Started}" }
  }
  geoip {
    source => "clientip"
  }
}
Please refer to the attached sample log for reference.
Thanks in advance for your help!
Regards
Raj