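I am trying to use ELK to monitor some servers in my small-to-medium-sized network. Kibana does not show the logs coming from Logstash -> Elasticsearch.
My configuration file: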
input {
  file {
    path => "/opt/experis-cyber/sys-monitor/log/monitor-sys-*"
    start_position => "beginning"
    document_type => "sys"
  }
}
filter {
}
output {
  elasticsearch {
    hosts => ["10.10.20.13:9200"]
    index => ["monitor"]
  }
  stdout {
    codec => rubydebug
  }
}
/var/log/..
[2017-10-09T12:03:15,725][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"fb_apache", :directory=>"/usr/share/logstash/modules/fb_apache/configuration"}
[2017-10-09T12:03:15,731][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"netflow", :directory=>"/usr/share/logstash/modules/netflow/configuration"}
[2017-10-09T12:03:18,410][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://10.10.20.13:9200/]}}
[2017-10-09T12:03:18,417][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://10.10.20.13:9200/, :path=>"/"}
[2017-10-09T12:03:18,826][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://10.10.20.13:9200/"}
[2017-10-09T12:03:18,830][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2017-10-09T12:03:19,032][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-*", "version"=>50001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"_default_"=>{"_all"=>{"enabled"=>true, "norms"=>false}, "dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"*", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date", "include_in_all"=>false}, "@version"=>{"type"=>"keyword", "include_in_all"=>false}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
[2017-10-09T12:03:19,076][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//10.10.20.13:9200"]}
[2017-10-09T12:03:19,078][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125}
[2017-10-09T12:03:19,894][INFO ][logstash.pipeline ] Pipeline main started
[2017-10-09T12:03:20,090][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
Does anyone know where the problem is?