Urgent: reparsing log files with Logstash?

Michel99_7 · June 8, 2018, 8:12am

Dear all,

Here is the context

Context: we are indexing data by using Logstash and the file input plugin for .log files (persistency managed via sincedb files); due to problems on the process that provide log files, we sometimes need to reindex log files in ES from a certain period, instead of reindexing all of them (several Gb)
Question: is there a way to configure LS so that log files are reparsed from a certain period? we assume that our sincedb file can be updated by removing all lines from a certain INODE reference; but we faced a major problem: the reference of the INODE within the sincedb file has nothing to do with the INODE reference we get by using the ls -i command. Any hint?

Many thanks in advance.

system · July 6, 2018, 8:12am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash trying to reprocess the same files Logstash	2	209	November 22, 2022
Updating config file Logstash	6	512	November 3, 2021
Logstash re-processes files, incorrectly updates sincedb Logstash	7	247	May 3, 2024
Logstash File Input Won't Re-read Files Logstash	4	1386	March 2, 2020
Logstash re-read input file everytime there is modification Logstash	4	1291	July 6, 2017