Logstash keep runing without crashing or output (windows as well as linux)

Question

I am using a simple conf file to take in log4j file and output as stdout (for debugging)

input { 
    file {
    type => "log4j"
    path => "C:\Stash\log4stash.log"
    start_position => "beginning"  } 
} 
output {# only for debug purpose
    stdout {
    codec => json 
    } 
}

When I run it in windows, sometime it spits out output on the console but mostly shows nothing after the following output:

←[33mUsing milestone 2 input plugin 'file'. This plugin should be stable, but if you see strange behavior, please let us know! For more information on plugin milestones, see http://logstash.net/docs/1.4.2/plugin-milestones {:level=>:warn}←[0m

Similar behavior on Linux too. Any pointers? Much Thanks.

Update: The conf file and the (logstash)debug log from linux.

input {
 file {
    type => "log4j"
    path => "/root/Downloads/log4stash.log"
    start_position => "beginning"
  }
}

output {
    # only for debug purposes   
    stdout {
        codec => rubydebug 
    }
    elasticsearch_http {
        host => ""
        port => 9200    
    }
}

From the log, it seems like logstash reads the file and process it and after registering and processing goes in wait state. But where is the stdout? and/or nothing in elastic search (query using kibana UI). Much Thanks, again, for your input.

    [root@cdh-cc3 logstash-1.4.2]# bin/logstash -f /root/Downloads/ll4j-2.conf --debug

Reading config file {:file=>"logstash/agent.rb", :level=>:debug, :line=>"301"}
Compiled pipeline code:
@inputs = []
@filters = []
@outputs = []
@input_file_1 = plugin("input", "file", LogStash::Util.hash_merge_many({ "type" => ("log4j".force_encoding("UTF-8")) }, { "path" => ("/root/Downloads/log4stash.log".force_encoding("UTF-8")) }, { "start_position" => ("beginning".force_encoding("UTF-8")) }))

@inputs << @input_file_1
@output_stdout_2 = plugin("output", "stdout", LogStash::Util.hash_merge_many({ "codec" => ("json".force_encoding("UTF-8")) }))

@outputs << @output_stdout_2
@output_elasticsearch_http_3 = plugin("output", "elasticsearch_http", LogStash::Util.hash_merge_many({ "host" => ("elastic.search".force_encoding("UTF-8")) }, { "port" => 9200 }))

@outputs << @output_elasticsearch_http_3
  @filter_func = lambda do |event, &block|
    extra_events = []
    @logger.debug? && @logger.debug("filter received", :event => event.to_hash)
    extra_events.each(&block)
  end
  @output_func = lambda do |event, &block|
    @logger.debug? && @logger.debug("output received", :event => event.to_hash)
    @output_stdout_2.handle(event)
    @output_elasticsearch_http_3.handle(event)

  end {:level=>:debug, :file=>"logstash/pipeline.rb", :line=>"26"}
Using milestone 2 input plugin 'file'. This plugin should be stable, but if you see strange behavior, please let us know! For more information on plugin milestones, see http://logstash.net/docs/1.4.2/plugin-milestones {:level=>:warn, :file=>"logstash/config/mixin.rb", :line=>"209"}
config LogStash::Codecs::Plain/@charset = "UTF-8" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@type = "log4j" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@path = ["/root/Downloads/log4stash.log"] {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@start_position = "beginning" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@debug = false {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@codec = "UTF-8"> {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@add_field = {} {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@stat_interval = 1 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@discover_interval = 15 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Inputs::File/@sincedb_write_interval = 15 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Codecs::JSON/@charset = "UTF-8" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::Stdout/@codec = "UTF-8"> {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::Stdout/@type = "" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::Stdout/@tags = [] {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::Stdout/@exclude_tags = [] {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::Stdout/@workers = 1 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
Using milestone 2 output plugin 'elasticsearch_http'. This plugin should be stable, but if you see strange behavior, please let us know! For more information on plugin milestones, see http://logstash.net/docs/1.4.2/plugin-milestones {:level=>:warn, :file=>"logstash/config/mixin.rb", :line=>"209"}
config LogStash::Codecs::Plain/@charset = "UTF-8" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@host = "elastic.search" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@port = 9200 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@type = "" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@tags = [] {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@exclude_tags = [] {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@codec = "UTF-8"> {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@workers = 1 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@index = "logstash-%{+YYYY.MM.dd}" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@manage_template = true {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@template_name = "logstash" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@template_overwrite = false {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@user = nil {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@password =  {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@flush_size = 100 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@idle_flush_time = 1 {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@document_id = nil {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
config LogStash::Outputs::ElasticSearchHTTP/@replication = "sync" {:level=>:debug, :file=>"logstash/config/mixin.rb", :line=>"105"}
Registering file input {:path=>["/root/Downloads/log4stash.log"], :level=>:info, :file=>"logstash/inputs/file.rb", :line=>"74"}
No sincedb_path set, generating one based on the file path {:sincedb_path=>"/root/.sincedb_624f220c3c6db2a30932d4fb6e93769d", :path=>["/root/Downloads/log4stash.log"], :level=>:info, :file=>"logstash/inputs/file.rb", :line=>"115"}
Pipeline started {:level=>:info, :file=>"logstash/pipeline.rb", :line=>"78"}
_sincedb_open: reading from /root/.sincedb_624f220c3c6db2a30932d4fb6e93769d {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"199"}
_sincedb_open: setting [1451032, 0, 64768] to 1206 {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"203"}
_discover_file_glob: /root/Downloads/log4stash.log: glob is: ["/root/Downloads/log4stash.log"] {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"117"}
_discover_file: /root/Downloads/log4stash.log: new: /root/Downloads/log4stash.log (exclude is []) {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"126"}
_open_file: /root/Downloads/log4stash.log: opening {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"98"}
/root/Downloads/log4stash.log: sincedb last value 1206, cur size 1206 {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"122"}
/root/Downloads/log4stash.log: sincedb: seeking to 1206 {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"124"}
writing sincedb (delta since last write = 1423673806) {:level=>:debug, :file=>"filewatch/tail.rb", :line=>"177"}
/root/Downloads/log4stash.log: file grew, old size 0, new size 1206 {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"81"}
Automatic template management enabled {:manage_template=>"true", :level=>:info, :file=>"logstash/outputs/elasticsearch_http.rb", :line=>"104"}
Template Search URL: {:template_search_url=>"http://elastic.search:9200/_template/*", :level=>:debug, :file=>"logstash/outputs/elasticsearch_http.rb", :line=>"112"}
_discover_file_glob: /root/Downloads/log4stash.log: glob is: ["/root/Downloads/log4stash.log"] {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"117"}
_discover_file_glob: /root/Downloads/log4stash.log: glob is: ["/root/Downloads/log4stash.log"] {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"117"}
_discover_file_glob: /root/Downloads/log4stash.log: glob is: ["/root/Downloads/log4stash.log"] {:level=>:debug, :file=>"filewatch/watch.rb", :line=>"117"}

Logstash keep runing without crashing or output (windows as well as linux)

Answers (1)

Related Questions