logstash配置错误:文件{:level =>:error}的未知设置'start_position'

时间:2016-02-17 07:30:00

标签: logstash

我正在学习elk,配置文件有问题:logstash.config这里是配置:

input {
       file {
             path => "E:/elk/log/access_test.log"
             start_position => beginning
       }
}
filter { 
       grok { 
             match => {
                "message" => "%{COMBINEDAPACHELOG}"
             }
       }
       date {
             locale => "en"
             match => [ "timestamp" , "dd/MMM/YYYY:HH:mm:ss Z", "ISO8601" ]
       }
}
output {
        file {
              path => "E:/elk/log/logstash-access_test.log"
              start_position => beginning
       }
}

当我运行配置时,标题的错误将会出现。谁能告诉我原因?

2 个答案:

答案 0 :(得分:0)

输出文件插件没有start_position属性试试这个。

input {
       file {
             path => "E:/elk/log/access_test.log"
             start_position => beginning
       }
}
filter { 
        grok { 
              match => {
                        "message" => "%{COMBINEDAPACHELOG}"
              }
        }
        date {
              locale => "en"
              match => [ "timestamp" , "dd/MMM/YYYY:HH:mm:ss Z", "ISO8601" ]
        }
}
output {
       file {
             path => "E:/elk/log/logstash-access_test.log"
       }
}

答案 1 :(得分:0)

如果有帮助,使用--configtest调用logstash应该会提供更多信息 - 特别是行/列号。

希望这可以确认问题出在输出而不输入......

相关问题
最新问题