Logstash upstart腳本

Question

嘗試在Ubuntu 14.04中將新的logatash添加到新貴中。該腳本非常簡單：

# logstash - agent instance 
    description  "logstash" 

    start on virtual-filesystems 
    stop on runlevel [06] 

    limit nofile 65550 65550 

    script 
    /usr/bin/java -jar /home/user/logstash/logstash-1.2.1-flatjar.jar agent -f /home/user/logstash/logstash.config -l /home/user/logstash/new1.log -v 
    end script 

命令本身（腳本節內的線）的作品，並從shell中運行它時，卻開始使用時，啓動logstash：

start logsatsh 

logstash開始。但幾分鐘後，停止和服務狀態是：（使用status命令）

logstash stop/waiting 

的logstash文件的配置文件：

input { 


    stdin{} 
     file{ 
       path => "/home/user/log/logstash-1.4.0/mylog.log" 
     } 
     udp { 
       codec => json 
       host => "0.0.0.0" # string (optional), default: "0.0.0.0" 
       #message_format => ... # string (optional) 
       port => 9998 
       #tags => ... # array (optional) 
       type => "log4j" # string (required) 
     } 
     tcp{ 
       port => 9998 
       type => "log4j" 
       codec => json 
     } 
} 

output { 
    stdout{} 
    elasticsearch { host => localhost } 
} 

的logstash日誌文件：

 
log4j, [2014-04-25T13:50:16.300] INFO: org.elasticsearch.node: [Living Lightning] version[0.90.3], pid[1850], build[5c38d60/2013-08-06T13:18:31Z] 
log4j, [2014-04-25T13:50:16.301] INFO: org.elasticsearch.node: [Living Lightning] initializing ... 
log4j, [2014-04-25T13:50:16.308] INFO: org.elasticsearch.plugins: [Living Lightning] loaded [], sites [] 
log4j, [2014-04-25T13:50:20.300] INFO: org.elasticsearch.node: [Living Lightning] initialized 
log4j, [2014-04-25T13:50:20.300] INFO: org.elasticsearch.node: [Living Lightning] starting ... 
log4j, [2014-04-25T13:50:20.420] INFO: org.elasticsearch.transport: [Living Lightning] bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/100.91.222.96:9300]} 
log4j, [2014-04-25T13:50:23.473] INFO: org.elasticsearch.cluster.service: [Living Lightning] new_master [Living Lightning][P9fRLWzCQmaXuRKLZkUNig][inet[/100.91.222.96:9300]], reason: zen-$ 
log4j, [2014-04-25T13:50:23.773] INFO: org.elasticsearch.discovery: [Living Lightning] elasticsearch/P9fRLWzCQmaXuRKLZkUNig 
log4j, [2014-04-25T13:50:23.806] INFO: org.elasticsearch.http: [Living Lightning] bound_address {inet[/0:0:0:0:0:0:0:0:9200]}, publish_address {inet[/100.91.222.96:9200]} 
log4j, [2014-04-25T13:50:23.807] INFO: org.elasticsearch.node: [Living Lightning] started 
log4j, [2014-04-25T13:50:23.927] INFO: org.elasticsearch.gateway: [Living Lightning] recovered [4] indices into cluster_state 
log4j, [2014-04-25T13:50:23.970] INFO: org.elasticsearch.node: [Sefton, Amanda] version[0.90.3], pid[1850], build[5c38d60/2013-08-06T13:18:31Z] 
log4j, [2014-04-25T13:50:23.975] INFO: org.elasticsearch.node: [Sefton, Amanda] initializing ... 
log4j, [2014-04-25T13:50:23.975] INFO: org.elasticsearch.plugins: [Sefton, Amanda] loaded [], sites [] 
log4j, [2014-04-25T13:50:25.013] INFO: org.elasticsearch.node: [Sefton, Amanda] initialized 
log4j, [2014-04-25T13:50:25.013] INFO: org.elasticsearch.node: [Sefton, Amanda] starting ... 
log4j, [2014-04-25T13:50:25.102] INFO: org.elasticsearch.transport: [Sefton, Amanda] bound_address {inet[/0:0:0:0:0:0:0:0:9301]}, publish_address {inet[/100.91.222.96:9301]} 
log4j, [2014-04-25T13:50:28.311] INFO: org.elasticsearch.cluster.service: [Living Lightning] added {[Sefton, Amanda][EAiYOR8jSO-DZEDJlaSYng][inet[/100.91.222.96:9301]]{client=true, data=f$ 
log4j, [2014-04-25T13:50:28.350] INFO: org.elasticsearch.cluster.service: [Sefton, Amanda] detected_master [Living Lightning][P9fRLWzCQmaXuRKLZkUNig][inet[/100.91.222.96:9300]], added {[L$ 
log4j, [2014-04-25T13:50:28.361] INFO: org.elasticsearch.discovery: [Sefton, Amanda] elasticsearch/EAiYOR8jSO-DZEDJlaSYng 
log4j, [2014-04-25T13:50:28.362] INFO: org.elasticsearch.node: [Sefton, Amanda] started 
{:timestamp=>"2014-04-25T13:50:15.148000+0000", :message=>"Plugin is finished", :plugin=>, :level=>:info} 
{:timestamp=>"2014-04-25T13:50:15.138000+0000", :message=>"Pipeline started", :level=>:info} 
{:timestamp=>"2014-04-25T13:50:15.959000+0000", :message=>"Starting embedded ElasticSearch local node.", :level=>:info} 
{:timestamp=>"2014-04-25T13:50:23.944000+0000", :message=>"New ElasticSearch output", :cluster=>nil, :host=>"localhost", :port=>"9300-9400", :embedded=>true, :level=>:info} 
{:timestamp=>"2014-04-25T13:50:28.388000+0000", :message=>"Plugin is finished", :plugin=>"ruby", message=>"%{+yyyy-MM-dd'T'HH:mm:ss.SSSZ} %{host}: $ 
{:timestamp=>"2014-04-25T13:50:28.390000+0000", :message=>"Plugin is finished", :plugin=>"logstash-%{+YYYY.MM.dd}", port=>"9300-9400", embedded_htt$ 
{:timestamp=>"2014-04-25T13:50:28.402000+0000", :message=>"Pipeline shutdown complete.", :level=>:info} 

沒有fork是由logstash過程完成的（使用strace測試）。 嘗試將命令部分更改爲'exec'，但沒有成功。任何想法？

Answer 1

我建議你找新貴logstash.conf可在elasticsearch德布斯， 這部分，你可能想看看：

console none 
script 
    # Defaults 
    PATH=/bin:/usr/bin 
    LS_HOME=/var/lib/logstash 
    LS_HEAP_SIZE="500m" 
    LS_JAVA_OPTS="-Djava.io.tmpdir=${LS_HOME}" 
    LS_LOG_FILE=/var/log/logstash/logstash.log 
    LS_USE_GC_LOGGING="" 
    LS_CONF_DIR=/etc/logstash/conf.d 
    LS_OPEN_FILES=16384 
    LS_NICE=19 
    LS_OPTS="" 

    # Override our defaults with user defaults: 
    [ -f /etc/default/logstash ] && . /etc/default/logstash 

    HOME="${HOME:-$LS_HOME}" 
    JAVA_OPTS="${LS_JAVA_OPTS}" 
    # Reset filehandle limit 
    ulimit -n ${LS_OPEN_FILES} 
    cd "${LS_HOME}" 

    # Export variables 
    export PATH HOME JAVA_OPTS LS_HEAP_SIZE LS_JAVA_OPTS LS_USE_GC_LOGGING 
    test -n "${JAVACMD}" && export JAVACMD 

    exec nice -n ${LS_NICE} /opt/logstash/bin/logstash agent -f "${LS_CONF_DIR}" -l "${LS_LOG_FILE}" ${LS_OPTS} 
end script