我遇到一个问题,即logstash没有获取日志文件并将事物日志推送到Kibana。我必须每次重新启动logstash进程才能获取它。
请参阅logstash conf文件的示例
input {
# one entry per topic file
file {
path => "/tmp/log-completed-backups.log"
start_position => beginning
type => "checkingfiles"
}
}
filter {
if "checkingfiles" in [type] {
csv {
separator => " "
columns => ['cdate', 'ctime', 'bmonth', 'bday']
add_tag => ["idam_filtered"]
}
mutate {
rename => { "cdate" => "cdate" }
rename => { "ctime" => "ctime" }
rename => { "bmonth" => "bmonth" }
rename => { "bday" => "bday" }
add_field => {
"namespace" => "${LB_SITE_NAME}"
}
}
}
}