我的日志文件
制造商型号里程manufacturer_year engine_displacement engine_power body_type color_slug stk_year transmission door_count seat_count fuel_type date_created date_last_seen price_eur 福特Galaxy 151000 2011 2000 103无人5 7柴油2015-11-14 18:10:06.838319 + 00 2016-01-27 20:40:15.46361 + 00 10584.75 skoda octavia 143476 2012 2000 81无人5 5柴油2015-11-14 18:10:06.853411 + 00 2016-01-27 20:40:15.46361 + 00 8882.31 宝马97676 2010 1995 85无人5 5柴油2015-11-14 18:10:06.861792 + 00 2016-01-27 20:40:15.46361 + 00 12065.06 斯柯达法比亚111970 2004 1200 47无人5 5汽油2015-11-14 18:10:06.872313 + 00 2016-01-27 20:40:15.46361 + 00 2960.77 斯柯达法比亚128886 2004 1200 47无人5 5汽油2015-11-14 18:10:06.880335 + 00 2016-01-27 20:40:15.46361 + 00 2738.71
错误在
之下[2018-03-23T11:35:20,226] [错误] [logstash.agent]无法执行操作{:action => LogStash :: PipelineAction :: Create / pipeline_id:main,:exception =>“ LogStash :: PluginLoadingError“,:message =>”找不到任何名为'txt'的过滤器插件。你确定这是正确的吗?
我的conf文件位于
之下输入{file {path => “/home/elk/data/logklda.txt"start_position => “开始” sincedb_path => “的/ dev / null的”}}
过滤器{txt {separator => “”columns => [ “名称”, “类型”, “类别”, “日期”, “error_log中”]}} 输出{elasticsearch {hosts => “localhost”index => “logklda”document_type => “类别”}标准输出{}}
答案 0 :(得分:1)
过滤器txt不存在。从您的配置中,您似乎想要使用csv filter。在您的情况下,用csv替换txt,配置如下所示:
csv {
separator => " "
columns => ["name","type","category","date","error_log"]
}
答案 1 :(得分:0)
有一个名为" txt"的过滤器不存在。我认为您必须检查此logstash指南网站并更正您的代码。 https://www.elastic.co/guide/en/logstash/current/filter-plugins.html