Unrecognized service

nadine · March 30, 2018, 1:16pm

I'm a begginer in ELK.
When i execute " service logstash configtest " I get this error message: "logstash: unrecognized service"
Although the logstash in already running.
This is my configuration :

input {
file {
path => "~/Bureau/log1.log"
type => "bind"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}

filter {
if [type] == "bind" {
grok {
patterns_dir => "./patterns"
match => { "message" => "%{BINDT:timestamp} queries: client %{IP:ipaddress}#[0-9]{5} (%{HOSTNAME}): query: %{HOST:domain} IN %{DNSQUERY:query_type} (%{IP:ipaddress})" }
}
date {
match => [ "timestamp", "dd-MMM-YYYY HH:mm:ss.SSS" ]
}
}
}

output {
elasticsearch { hosts => ["localhost:9200"]
}
}

I would be grateful if you could help me.

vinodr · March 30, 2018, 3:53pm

nadine · March 30, 2018, 4:07pm

when i use /path/to/logstash -t -f /etc/logstash/conf.d

=> bash: / path / to / logstash: No file or folder of this type

vinodr · March 30, 2018, 5:22pm

@nadine Please update the paths in the command to actual directory paths of logstash service and configuration file.

nadine · March 30, 2018, 6:13pm

How can i do it ? Thank u .

system · April 27, 2018, 6:13pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.