Config logstash for elasticsearch -
i have installed logstash-elasticsearch-kibana on local. want config logstash push data elasticsearch, there codes below same tutorial in guide on elastic page. can't run config file successful. excepted 1 time don't know why , try test again fail anyway
this first-pipeline.conf
input { file { path => "d:/grok.log" start_position => beginning } } filter { grok { match => { "message" => "%{combinedapachelog}"} } } output { elasticsearch { protocol => "http" host => "localhost" port => "9200" } stdout {} }
this grok.log
83.149.9.216 - - [04/jan/2015:05:13:42 +0000] "get /presentations/logstash- monitorama-2013/images/kibana-search.png http/1.1" 200 203023 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "mozilla/5.0 (macintosh; intel mac os x 10_9_1) applewebkit/537.36 (khtml, gecko) chrome/32.0.1700.77 safari/537.36"
all configs same tutorial can't run
edit 1
i think there somethings wrong filter or output don't know where-it-is, cuz i've tried tutorial guide only. , got message "logstash startup completed" think config right can't see data in elasticsearch
it define node. recommend use transport protocol. problem. probobly getting there when accessing kibana sure define proper index pattern. if went once should go time ( or there no changes in log not ) try debug see logs of logstash , elasticsearch , share them us. if not sure of filter remove it.
Comments
Post a Comment