CODEWITHSUNDEEP
amazon-web-servicesdockerlogstashstdoutamazon-cloudwatch
CoyoteKG
CoyoteKG

Reputation: 45

Logstash docker, how to stop send logs to stdout

How to stop sending (using env variables) logs to the stdout? I changed log_level to WARN, and yes I don't have INFO logs anymore, but I still receiving logs like this: 

14:14:51 "namespace" => "AWS/ECS",
14:14:51 "period" => 300,14:14:51 "ServiceName" => "archive-logstash",
14:14:51 "@version" => "1",
14:14:51 "ClusterName" => "archive",
14:14:51 "minimum" => 0.4069010416666667,
14:14:51 "average" => 44.13362219887956,
14:14:51 "@timestamp" => 2020-03-30T14:14:42.420Z,
14:14:51 "aws_account" => "acc",
14:14:51 "maximum" => 71.2890625,
14:14:51 "sample_count" => 7.0,
14:14:51 "sum" => 308.9353553921569,
14:14:51 "unit" => "Percent",
14:14:51 "timestamp" => 2020-03-30T14:09:00.000Z,
14:14:51 "end_time" => 2020-03-30T14:14:39.000Z,
14:14:51 "metric_name" => "MemoryUtilization",
14:14:51 "start_time" => 2020-03-30T14:09:39.000Z

I don't need these logs, because Logstash will be in loop, will reading from that cloudwatch group together with other logs from fargate, an send it back again to the ELK.

Also this log format is totally unusable

I'm running Logstash in AWS fargate

Upvotes: 1

Views: 1657

Answers (2)

Nadya
Nadya

Reputation: 1

https://www.elastic.co/guide/en/logstash/current/docker-config.html#_custom_images

So basically the logs go to stdout because of the default pipeline. The only thing you need to do is to remove this file of rewrite it, i.e. add for example add

RUN rm -f /usr/share/logstash/pipeline/logstash.conf

to your Dockerfile

Upvotes: 0

Walter A
Walter A

Reputation: 20022

(I wasn't sure so I first asked with a comment, but OP said this was the case)
You need to remove

stdout { codec => rubydebug }

in the 

output { .. }

section of your translation file.

Upvotes: 1

Related Questions