Hi all.....
Here i am trying to read IIS log file with logstash
here is my conf
input {
file {
path => "C:\inetpub\logs\LogFiles\W3SVC2\in180214"
sincedb_path => "C:\logstash-6.0.0\logstash-6.0.0\config\iis"
start_position => "beginning"
# type => "iis"
codec => plain{
charset => "ANSI_X3.4-1968"
}
}
}
output
{
stdout { codec => rubydebug }
}
but when start logstash job in windows i am getting following logs
C:\logstash-6.0.0\logstash-6.0.0\bin>logstash -f C:\logstash-6.0.0\logstash-6.0.
0\config\iis.yml --path.data E:\tmp\abc
Sending Logstash's logs to C:/logstash-6.0.0/logstash-6.0.0/logs which is now co
nfigured via log4j2.properties
[2018-02-14T16:07:43,817][INFO ][logstash.modules.scaffold] Initializing module
{:module_name=>"fb_apache", :directory=>"C:/logstash-6.0.0/logstash-6.0.0/module
s/fb_apache/configuration"}
[2018-02-14T16:07:43,839][INFO ][logstash.modules.scaffold] Initializing module
{:module_name=>"netflow", :directory=>"C:/logstash-6.0.0/logstash-6.0.0/modules/
netflow/configuration"}
[2018-02-14T16:07:44,326][WARN ][logstash.config.source.multilocal] Ignoring the
'pipelines.yml' file because modules or command line options are specified
[2018-02-14T16:07:48,161][INFO ][logstash.agent ] Successfully started
Logstash API endpoint {:port=>9601}
[2018-02-14T16:07:52,540][INFO ][logstash.pipeline ] Starting pipeline {:
pipeline_id=>"main", "pipeline.workers"=>2, "pipeline.batch.size"=>125, "pipelin
e.batch.delay"=>5, "pipeline.max_inflight"=>250, :thread=>"#<Thread:0x36a823bd@C
:/logstash-6.0.0/logstash-6.0.0/logstash-core/lib/logstash/pipeline.rb:290 run>"
}
[2018-02-14T16:07:53,491][INFO ][logstash.pipeline ] Pipeline started {"p
ipeline.id"=>"main"}
[2018-02-14T16:07:53,651][INFO ][logstash.agent ] Pipelines running {:
count=>1, :pipelines=>["main"]}
but after that we are not seeing any logs.
am i doing anything wrong here?
Please help me with this issue.
Thank You.