Questions tagged [Logstash] (54)

Hello, here such question, for some reason not loaded indices in kibana, I put on this manual https://www.digitalocean.com/community/tutorials/h... Loads the indexes from the article: sudo filebeat setup --template -E output.logstash.enabled=false-E 'output.elasticsearch.hosts=["localhost:9200"]' sudo filebeat setup-e -E ...

In rabbitmq queue I have received the logs. I want to connect logstash queue logs for later loading into elasticsearch. Had a few questions: 1. Where to place config logstash'a for descriptions of input/output ? In different sources different information. I'm trying to write the config here: /etc/logstash/conf.d/rabbitmq....

Need your help! Now there is such structure: 1) Redis, which acts as a message broker 2) Logstash, to assume the role of dispatcher logs to the file 3) Sanic with 12 workere in the role of a router service. Takes the incoming request and sends queued Redis Sanic sends, receives a response, sends to the Redis queue. 4) Sanic...

Hello! In FileBeat specify two input: filebeat.inputs: - type: log enabled: true paths: - /home/ ... /storage/logs/laravel*.log document_type: json json.keys_under_root: true fields: log_type: laravel_log - type: log enabled: true paths: /var/log/apache2/error.log fields: log_type: apache_log In LodStash index ES ...

Hello! Why Logstash writes to ES your log logstash-plain.log, although it not specified anywhere? Here's the input section: input { beats { port => 5044 } } And Filebeat is only one input: filebeat.inputs: - type: log enabled: true paths: - /home/ ... /storage/logs/laravel*.log Why this happens and how to get rid o...

Hello! There is a config Filebeat which defines the field log_type: filebeat.inputs: - type: log enabled: true paths: is /home/some/storage/logs/laravel*.log fields: log_type: laravel_log How to take this field in the Logstash output config in order to use the name of the elasticsearch index? index => "%{[@metadata]...

Hi all. Launched ELK stack, it is in the SYSLOG-I send logs from the firewall, in the CEF format. input like this:type => "syslog" syslog_field => "syslog" codec => "cef" Sobsno all. filters don't really do, once the output is sent to elasticsearch. And if I go to kibana, there is all the logs rasparenny, and inst...

Tell me why logstash after a while begins to the log to write to[2019-12-06T13:17:39,214][ERROR][logstash.filters.dns ][main] DNS: Unexpected Error. {:field=>"dstname", :value=>"173.194.221.94", :message=>"Mutex relocking by same thread"} Well, in this case the ip in the name to convert stops. The problem persists ...

Hello, you need to do to the logs remained only for the last two weeks, tell me, is there some solution for this limitation?

I would like to master typical problems of infrastructure administration of applications in previous projects I used the solution made up to me and saw them only as a user (kimono of ELK, dashboards grafana), logging-level "write something using monolog in the application." Now I have no working projects, do self-developmen...