但未创建索引

但未创建索引

关注
发信
关注(28)粉丝(399)

Logstash创建管道,但未创建索引

本文介绍了Logstash创建管道,但未创建索引的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用json文件在elasticsearch云上创建索引.我已经创建了如下配置:

I am trying to create an index on elasticsearch cloud using a json file. I have created the configuration as given below:

input {
        file {
                path => ["/root/leads.json"]
                start_position => "beginning"
                ignore_older => 0
        }
}
output {
        elasticsearch {
                        hosts => ["https://ac9xxxxxxxxxxxxxb.us-east-1.aws.found.io:9243"]
                        user => "elastic"
                        password => "xxxxxxxxxxxxxx"
        }
}

我能够使用以下命令运行logstash:

I am able to run the logstash using the command:

sudo bin/logstash -f /etc/logstash/conf.d/logstash.conf

logstash启动了一个管道,但是我没有看到在Elasticsearch中创建任何索引:

The logstash starts a pipeline, but I am not seeing any index getting created in elasticsearch:

 [INFO ] 2018-11-14 09:16:01.821 [[main]>worker1] file - No sincedb_path set, generating one based on the "path" setting {:sincedb_path=>"/usr/share/logstash/data/plugins/inputs/file/.sincedb_43b5fa3acfcfc04b3df80a7c15c8d991", :path=>["/root/leads.json"]}
[INFO ] 2018-11-14 09:16:01.852 [Converge PipelineAction::Create<main>] pipeline - Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x2fda8150 run>"}
[INFO ] 2018-11-14 09:16:01.944 [Ruby-0-Thread-1: /usr/share/logstash/lib/bootstrap/environment.rb:6] agent - Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[INFO ] 2018-11-14 09:16:01.996 [[main]<file] observingtail - START, creating Discoverer, Watch with file and sincedb collections
[INFO ] 2018-11-14 09:16:02.522 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9600}

推荐答案

您应像这样更改配置:

input {
        file {
                path => ["/root/leads.json"]
                start_position => "beginning"
                sincedb_path => "/dev/null"
        }
}

删除ignore_older => 0,因为这将有效地忽略早于0秒的文件:-)添加sincedb_path可以确保您可以从文件开头开始运行管道.

Remove ignore_older => 0 since that will effectively ignore files that are older than 0 seconds :-)Adding sincedb_path makes sure that you can run the pipeline several from the beginning of the file.

这篇关于Logstash创建管道,但未创建索引的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-31 15:08
Powered by LMLPHP ©2024 但未创建索引 0.040336