Logstash 2.4.0没有显示任何输出?

时间:2017-01-18 08:30:24

标签: logstash

当我在logstash 2.4.0中执行以下代码时,它没有显示任何输出。它说管道已经启动并保持状态

这些是日志文件中的内容

[2017-01-13 12:58:09,843][WARN ][index.search.slowlog.query] [Spectra] [testindex-stats][2] took[15.3ms], took_millis[15], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[{"query":{"match":{"text":"ronin"}}}], extra_source[], 
[2017-01-13 12:58:09,844][WARN ][index.search.slowlog.query] [Spectra] [testindex-stats][1] took[16.2ms], took_millis[16], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[{"query":{"match":{"text":"ronin"}}}], extra_source[], 
[2017-01-13 14:33:27,028][WARN ][index.search.slowlog.query] [Spectra] [testindex-stats][0] took[92micros], took_millis[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[], extra_source[], 
[2017-01-13 14:37:48,943][DEBUG][index.search.slowlog.query] [Spectra] [test][3] took[41.2micros], took_millis[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[], extra_source[], 
[2017-01-13 14:37:48,943][DEBUG][index.search.slowlog.query] [Spectra] [test][1] took[38.4micros], took_millis[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[], extra_source[], 
[2017-01-13 14:37:48,943][DEBUG][index.search.slowlog.query] [Spectra] [test][2] took[46.1micros], took_millis[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[5], source[], extra_source[],

CODE:

input {
  file {
    path => "D:\logstash-2.4.0\logstash-2.4.0\bin\pikka.log"
    start_position => "beginning"
  }
}

filter {
   grok {
      match => {"message" => "\[%{TIMESTAMP_ISO8601:TIMESTAMP}\]\[%{LOGLEVEL:LOGLEVEL} \]\[%{DATA:QUERY}\] \[%{WORD:QUERY1}\] \[%{WORD:INDEX}\]\[%{INT:SHARD}\] took\[%{BASE10NUM:TOOK}ms\], took_millis\[%{BASE10NUM:took_millis}\], types\[%{DATA:types}\], stats\[%{DATA:stats}\], search_type\[%{DATA:search_type}\], total_shards\[%{INT:total_shards}\], source\[%{DATA:source}\], extra_source\[%{DATA:extra_source}\]"}
   }
}
output {
   csv {
      fields => ["TIMESTAMP","LOGLEVEL","QUERY","QUERY1","INDEX-NAME","SHARD","TOOK","took_millis","types","stats","search_type","total_shards","source_query","extra_source"]
      path => "D:\logstash-2.4.0\logstash-2.4.0\bin\finaloutput1.csv"
      spreadsheet_safe => false
   }
stdout { codec => rubydebug}
}

输出

D:\logstash-2.4.0\logstash-2.4.0\bin>logstash -f "D:\logstash-2.4.0\logstash-2.4.0\bin\ya
s.conf"
Settings: Default pipeline workers: 2
Pipeline main started

0 个答案:

没有答案
相关问题
最新问题