Hi
I am unable to run logstash on windows 8.1
After running the command inside bin of logstash, logstash -f "filename.config" on the command prompt, I get a java.langException where it states that logstash stopped processing because of an error: exit.
Please help me fix this, it is really urgent.
Thanks
Please copy/paste the full error message.
Hi
I am trying to paste the error but there seems to be an error as I cannot paste more than 7000 words and my error has around 100,000+ words.
Please let me know of an alternative.
Thanks
Thank you so much 
As far as I can see, it does not have write access to its installation directory.
Try running it as an administrator to check.
Hi,
I tried running it as an administrator, but as I run it as an administrator , the window opens and shuts downs after 3-4 minutes on its own.
Run Command Prompt as Administrator. In Windows 7, follow these steps: Type cmd in Start search. Right-click on it and from the context menu select Run as Administrator.
Hi
So running on administrator, it worked.
But I don't know what to do next.
Below is what I get after running on administrator.
Sending Logstash's logs to C:/Program Files/logstash-6.3.1/logs which is now configured via log4j2.properties
[2018-07-20T19:19:33,135][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-07-20T19:19:33,223][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"4b9c6cb2-3adc-4c0a-ba50-2d546cef539c", :path=>"C:/Program Files/logstash-6.3.1/data/uuid"}
[2018-07-20T19:19:33,900][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.3.1"}
[2018-07-20T19:19:34,900][ERROR][logstash.agent ] Failed to execute action {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>"LogStash::ConfigurationError", :message=>"Expected one of #, => at line 23, column 12 (byte 670) after output{\n\tstdout { codec => rubydebug }\n\t\telasticsearch{\n\t\t\thosts =>"http://localhost:9200"\n\t\t\tindex =>"ba"\n\t\t\tdocument", :backtrace=>["C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/compiler.rb:42:in compile_imperative'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/compiler.rb:50:incompile_graph'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/compiler.rb:12:in block in compile_sources'", "org/jruby/RubyArray.java:2486:inmap'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/compiler.rb:11:in compile_sources'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/pipeline.rb:49:ininitialize'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/pipeline.rb:167:in initialize'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/pipeline_action/create.rb:40:inexecute'", "C:/Program Files/logstash-6.3.1/logstash-core/lib/logstash/agent.rb:305:in `block in converge_state'"]}
[2018-07-20T19:19:35,431][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
Also I after running this file, my index in kibana does not get created and hence the data does not get loaded there. Anyway, I can rectify this?
It looks like there is an error in your logstash config file.
Hi
Okay, I will just state below my config file,
Let me know about your thoughts on that.
input{
file{
path =>"C:\Users\Revati Chawla\Desktop\folder\viz_banks.csv"
start_position => "beginning"
sincedb_path => "C:\Users\Revati Chawla\Desktop\folder\dbflile"
}
}
filter{
csv{
separator =>","
columns => ["bank_id","parent_id", "title", "user_id","account_type","from_account", "to_account","timestamp","last_ip","snapshot_version","isDelete"]
}
mutate {convert => ["bank_id", "integer"]}
mutate {convert => ["parent_id", "integer"]}
mutate {convert => ["user_id", "integer"]}
mutate {convert => ["isDelete", "integer"]}
}
output{
stdout { codec => rubydebug }
elasticsearch{
hosts =>"http://localhost:9200"
index =>"hello"
document.type =>"qbank_cms"
}
}document.type =>"qbank_cms"
document_type, not document.type.
After Running the command again,
The command prompt gets stuck at this and doesn't move further,
Sending Logstash's logs to C:/Program Files/logstash-6.3.1/logs which is now configured via log4j2.properties
[2018-07-23T10:14:41,426][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-07-23T10:14:42,200][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.3.1"}
[2018-07-23T10:14:48,970][WARN ][logstash.outputs.elasticsearch] You are using a deprecated config setting "document_type" set in elasticsearch. Deprecated settings will continue to work, but are scheduled for removal from logstash in the future. Document types are being deprecated in Elasticsearch 6.0, and removed entirely in 7.0. You should avoid this feature If you have any questions about this, please visit the #logstash channel on freenode irc. {:name=>"document_type", :plugin=><LogStash::Outputs::ElasticSearch hosts=>[http://localhost:9200], index=>"hello", document_type=>"qbank_cms", id=>"3b477880dbc0d0e0fdd7c39a472608a79d0368cbc10bdee7de98757eaf2a774d", enable_metric=>true, codec=><LogStash::Codecs::Plain id=>"plain_efc79136-0d71-46b6-82f7-6750ab929097", enable_metric=>true, charset=>"UTF-8">, workers=>1, manage_template=>true, template_name=>"logstash", template_overwrite=>false, doc_as_upsert=>false, script_type=>"inline", script_lang=>"painless", script_var_name=>"event", scripted_upsert=>false, retry_initial_interval=>2, retry_max_interval=>64, retry_on_conflict=>1, action=>"index", ssl_certificate_verification=>true, sniffing=>false, sniffing_delay=>5, timeout=>60, pool_max=>1000, pool_max_per_route=>100, resurrect_delay=>5, validate_after_inactivity=>10000, http_compression=>false>}
[2018-07-23T10:14:49,079][INFO ][logstash.pipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
[2018-07-23T10:14:49,900][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://localhost:9200/]}}
[2018-07-23T10:14:49,916][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://localhost:9200/, :path=>"/"}
[2018-07-23T10:14:50,401][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2018-07-23T10:14:50,526][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>6}
[2018-07-23T10:14:50,542][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>6}
[2018-07-23T10:14:50,569][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["http://localhost:9200"]}
[2018-07-23T10:14:50,616][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2018-07-23T10:14:50,679][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"default"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
[2018-07-23T10:14:50,850][INFO ][logstash.outputs.elasticsearch] Installing elasticsearch template to _template/logstash
[2018-07-23T10:14:51,782][INFO ][logstash.pipeline ] Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x536f18bd run>"}
[2018-07-23T10:14:51,935][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2018-07-23T10:14:52,465][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
{
"bank_id" => 0,
"host" => "Mettl088",
"path" => "C:\Users\Revati Chawla\Desktop\folder\viz_banks.csv",
"@version" => "1",
"message" => "PATH=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Java\jdk1.8.0_171;C:\Program Files\Java\jre1.8.0_171;C:\WINDOWS\System32\OpenSSH\;C:\Users\Revati Chawla\AppData\Local\Microsoft\WindowsApps;\r",
"@timestamp" => 2018-07-23T04:44:52.365Z
}
Hi
I guess I am done.
Figured our everything.
Thanks a lot both of you.
Really appreciate.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.