Logstash无法连接到Elastic搜索
[英]Logstash can not connect to Elastic search
问题描述
{:timestamp=>"2017-07-19T15:56:36.517000+0530", :message=>"Attempted to send a bulk request to Elasticsearch configured at '[\"http://localhost:9200\"]', but Elasticsearch appears to be unreachable or down!", :error_message=>"Connection refused (Connection refused)", :class=>"Manticore::SocketException", :level=>:error}
{:timestamp=>"2017-07-19T15:56:37.761000+0530", :message=>"Connection refused (Connection refused)", :class=>"Manticore::SocketException", :backtrace=>["/opt/logstash/vendor/bundle/jruby/1.9/gems/manticore-0.6.0-java/lib/manticore/response.rb:37:in `initialize'", "org/jruby/RubyProc.java:281:in `call'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/manticore-0.6.0-java/lib/manticore/response.rb:79:in `call'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/manticore-0.6.0-java/lib/manticore/response.rb:256:in `call_once'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/manticore-0.6.0-java/lib/manticore/response.rb:153:in `code'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/http/manticore.rb:84:in `perform_request'", "org/jruby/RubyProc.java:281:in `call'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/base.rb:257:in `perform_request'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/http/manticore.rb:67:in `perform_request'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/sniffer.rb:32:in `hosts'", "org/jruby/ext/timeout/Timeout.java:147:in `timeout'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/sniffer.rb:31:in `hosts'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/elasticsearch-transport-1.0.18/lib/elasticsearch/transport/transport/base.rb:79:in `reload_connections!'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-2.7.1-java/lib/logstash/outputs/elasticsearch/http_client.rb:72:in `sniff!'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-2.7.1-java/lib/logstash/outputs/elasticsearch/http_client.rb:60:in `start_sniffing!'", "org/jruby/ext/thread/Mutex.java:149:in `synchronize'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-2.7.1-java/lib/logstash/outputs/elasticsearch/http_client.rb:60:in `start_sniffing!'", "org/jruby/RubyKernel.java:1479:in `loop'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-2.7.1-java/lib/logstash/outputs/elasticsearch/http_client.rb:59:in `start_sniffing!'"], :level=>:error}
{:timestamp=>"2017-07-19T15:56:38.520000+0530", :message=>"Attempted to send a bulk request to Elasticsearch configured at '[\"http://localhost:9200\"]', but Elasticsearch appears to be unreachable or down!", :error_message=>"Connection refused (Connection refused)", :class=>"Manticore::SocketException", :level=>:error}
虽然弹性搜索在端口127.0.0.1:9200上运行,但我不知道从logstash那里进行此配置,但我没有配置logstash以在本地主机上连接弹性搜索
在logstash.service中
ExecStart=/usr/share/logstash/bin/logstash "--path.settings" "/etc/logstash"
在/ etc / logstash中,我有logstash.yml
path.config: /etc/logstash/conf.d
在/etc/logstash/conf.d中
output {
elasticsearch { hosts => ["10.2.0.10:9200"]
manage_template => false
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
document_type => "%{[@metadata][type]}"
}
}
2 个解决方案
解决方案1
0 2017-07-21 18:45:56
conf.d是您的目录权限,您需要一个类似myconf.conf的文件,格式如下:
input {
}
filter {
#can be empty
}
output {
}
应用所有更改后,您需要重新启动Logstash服务,它将应用您的新更改。 您还可以在LS设置中的logstash.yml文件中进行控制,如果您需要重新启动它,则可以对conf.d下的任何文件应用新更改。
您还可以分解conf文件,例如1_input.conf 2_filter.conf和99_output.conf,以便每个文件都包含自己的插件,即input,filter和output。
解决方案2
0 2017-07-22 04:53:41
- 启动Elasticsearch。
为Logstash编写一个conf文件,以连接数据并将其上传到Elasticsearch。
input { file { type => "csv" path => "path for csv." start_position => "beginning" } } filter { csv { columns => ["Column1","Column2"] separator => "," } mutate { convert => {"Column1" => "float"} } } output { elasticsearch { hosts => "http://localhost:9200" } stdout { codec => rubydebug} }可以在elasticsearch.yml文件中配置elasticsearch的主机。
- 运行conf文件(logstash.bat -f abc.conf)
Logstash 无法连接到启用了 Xpack 的弹性搜索集群
[英]Logstash cannot connect to the elastic search cluster with Xpack enabled
在弹性搜索和 Kibana 中启用安全性时无法启动 logstash
[英]Can't not start logstash when enable security At elastic search and Kibana
logstash 可以将数据同时发送到多个位置以及弹性搜索
[英]can logstash send data simultaneusly to mulpile location along with elastic search
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.