Sha*_*ann 15 logstash logstash-configuration
我运行了服务logstash configtest,但给出的错误是:
logstash:无法识别的服务
我能够单独运行logstash服务,但不能运行"configtest".在etc/logstash/conf.d /我创建了logstash.conf文件,其中包含如下所示的代码: -
附加信息:-
service logstash status
? logstash.service - logstash
Loaded: loaded (/etc/systemd/system/logstash.service; disabled)
Active: active (running) since Mon 2016-12-26 12:40:58 PST; 6s ago
Main PID: 3512 (java)
CGroup: /system.slice/logstash.service
??3512 /usr/bin/java -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX...
Dec 26 12:40:58 Mr systemd[1]: Started logstash.
使用configtest运行时的服务: -
root@Mr:/# service logstash configtest
logstash: unrecognized service
我在debian8机器上运行这个,希望我能从你们那里得到一个很好的解决方案.
# This input block will listen on port 10514 for logs to come in.
# host should be an IP on the Logstash server.
# codec => "json" indicates that we expect the lines we're receiving to be in JSON format
# type => "rsyslog" is an optional identifier to help identify messaging streams in the pipeline.
input {
udp {
host => "logstash_private_ip"
port => 10514
codec => "json"
type => "rsyslog"
}
}
# This is an empty filter block. You can later add other filters here to further process
# your log lines
filter { }
# This output block will send all events of type "rsyslog" to Elasticsearch at the configured
# host and port into daily indices of the pattern, "rsyslog-YYYY.MM.DD"
output {
if [type] == "rsyslog" {
elasticsearch {
hosts => [ "elasticsearch_private_ip:9200" ]
}
}
}
v_s*_*ukt 48
对于旧的logstash
/opt/logstash/bin/logstash --configtest -f /etc/logstash/conf.d/
后来,它被安装在/ usr/share/logstash中,所以试试
/usr/share/logstash/bin/logstash --configtest -f <the config file/folder>
或者如果运行版本5.1+使用 --config.test_and_exit
/usr/share/logstash/bin/logstash --config.test_and_exit -f <the config file/folder>
小智 13
我有同样的问题,它帮助了我很多:
如果您运行的是Logstash版本5,则以下用于测试配置的命令将显示错误:
sudo /opt/logstash/bin/logstash --configtest -f /etc/logstash/conf.d/
正确的测试命令是:
sudo -u logstash /usr/share/logstash/bin/logstash --path.settings /etc/logstash -t
我正在运行ELK + filebeat,因为Ubuntu Server 16.04,我的结果是:将Logstash的日志发送到/ var/log/logstash,现在通过log4j2.properties配置配置OK
资料来源:https: //www.elastic.co/guide/en/logstash/current/running-logstash.html ; https://github.com/elastic/logstash/issues/6161
对于logstash 5.1它
/usr/share/logstash/bin/logstash --config.test_and_exit -f logstash.yml
使用官方logstashDocker镜像验证本地文件:
docker run -it -v /etc/logstash:/etc/logstash logstash /usr/share/logstash/bin/logstash -t -f /etc/logstash/logstash.conf
这假定您的配置文件位于本地/etc/logstash,然后在同一路径下将该文件夹安装到容器中.然后二进制文件可以在容器中找到配置文件.
可能有更好的方法来运行该命令,这对我有用.
| 归档时间: |
|
| 查看次数: |
50564 次 |
| 最近记录: |