What is the correct config of logstash input and output?
Question
I want to know if my configuration is correct.
My configuration (in the file logstash_conf/first-pipeline.conf) is:
input {
file {
path => "/opt/logstash/bin/logstash_conf/logstash-tutorial-dataset.log"
start_position => beginning
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}"}
}
geoip {
source => "clientip"
}
}
output {
elasticsearch {}
stdout {}
}
I refered to the following configuration:
https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
But when I try to run logstash, the following error appears:
[root@laoyang bin]# ./logstash -f ./logstash_conf/first-pipeline.conf
Settings: Default pipeline workers: 16
Connection refused {:class=>"Manticore::SocketException", :level=>:error}
Pipeline main started
Any help would be sincerely appreciated.
1 answers
solution1
1 2016-08-17 08:33:06
Connection refused means Lostash can't connect to Elasticsearch.
To follow this example , you should make sure your Elasticsearch is running on the same machine with Logstash.
root@laoyang bin]# curl http://localhost:9200
The above command should return Elastichsearch response.
output {
elasticsearch {}
stdout {}
}
The above example assumes Logstash and Elasticsearch to be running on the same instance. You can specify a remote Elasticsearch instance (ie 192.168.1.1) using hosts configuration like:
output {
elasticsearch {
hosts => [ "192.168.1.1:9200" ]
}
stdout {}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.