我通过主机ubuntu 16.04在3个docker容器中运行ELK堆栈 问题是在配置logstash.conf文件以执行“ifconfig”或“netstat -ano”之类的命令后,我收到错误。我的logstash.conf文件是:
input {
exec {
command => "netsat -ano"
codec => "json"
interval => 5
}
}
output{
elasticsearch { hosts => ["elasticsearch:9200"]}
}
i get this error after entering this command ( docker run -h logstash --name logstash --link elasticsearch:elasticsearch -it --rm -v "$PWD":/config-dir logstash -f /config-dir/logstash1.conf)
14:29:30.703 [[main]<exec] ERROR logstash.inputs.exec - Error while running command {:command=>"netsat -ano", :e=>#<IOError: Cannot run program "netsat" (in directory "/"): error=2, No such file or directory>, :backtrace=>["org/jruby/RubyIO.java:4380:in `popen'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-exec-3.1.2/lib/logstash/inputs/exec.rb:76:in `execute'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-exec-3.1.2/lib/logstash/inputs/exec.rb:75:in `execute'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-exec-3.1.2/lib/logstash/inputs/exec.rb:40:in `inner_run'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-exec-3.1.2/lib/logstash/inputs/exec.rb:34:in `run'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:443:in `inputworker'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:436:in `start_input'"]}
任何人都可以提前帮助,谢谢!
答案 0 :(得分:0)
您需要为这些命令提供完整路径,因为一个Logstash运行时不包含这些目录。
input {
exec {
command => "/bin/netsat -ano"
codec => "json"
interval => 5
}
}