Logstash配置錯誤

我是新來的ELK堆棧。希望使用從filebeat到logstash的管道推送數據，這將推動數據的彈性。我的配置如下：Logstash配置錯誤

input { 
beats { 
    port => "5043" 
    } 
} 

filter { 
    grok { 
match => { "message" => "\A%{TIMESTAMP_ISO8601:timestamp}%{SPACE}%{WORD:var0}%{SPACE}%{NOTSPACE}%{SPACE}(?<searchinfo>[^#]*)#(?<username>[^#]*)#(?<searchQuery>[^#]*)#(?<latitude>[^#]*)#(?<longitude>[^#]*)#(?<client_ip>[^#]*)#(?<responseTime>[^#]*)" } 
    } 
} 


output { 
    stdout { codec => rubydebug } 
     elasticsearch { 
      index => "logstash_logs" 
      document_type => "logs" 
      hosts => [ "localhost:9200" ] 
}

問題是當我做bin/logstash -f first-pipeline.conf --config.test_and_exit。它給我一個錯誤，說明：

17:55:37.691 [LogStash::Runner] FATAL logstash.runner - The given configuration is invalid. Reason: Expected one of #, if, ", ', } at line 22, column 1 (byte 487) after output { 
stdout { codec => rubydebug } 
    elasticsearch { 
     index => "logstash_logs" 
     document_type => "logs" 
     hosts => [ "localhost:9200" ] 
}

任何人都可以指出我哪裏錯了？

來源

2017-08-29 iam.Carrot

你缺少一個右大括號在elasticsearch輸出

output { 
    stdout { codec => rubydebug } 
    elasticsearch { 
    index => "logstash_logs" 
    document_type => "logs" 
    hosts => [ "localhost:9200" ] 
    }  <--- this is missing 
}

來源

2017-08-29 12:08:03 Val

洛爾這一定是最愚蠢的事。我不相信我錯過了它。謝謝。它現在有效。 –

有時候，它恰好在你面前:-)現在很高興 – Val

Logstash配置錯誤

回答

相關問題