Reputation: 1605
Kibana Not Showing Any Logs (ELK Stack)
I am learning ELK stack. So I have written a sample java code that churns out some log line in a file. I am trying to see if the log lines show up in Kibana UI. So I will try to explain it to best of my abilities about what I did. So first I start elasticsearch, then logstash, then kibana.
My logstash config file looks like:
input {
file {
type => "java"
path => "C:/temp/logs/application.log"
codec => multiline {
pattern => "^%{MONTHDAY}/%{MONTHNUM}/%{YEAR} %{TIME}.*"
negate => "true"
what => "previous"
}
}
}
filter {
grok {
match => { "message" => "%{DATE_EU:date} %{TIME:time} %{ISO8601_TIMEZONE:zone} \[%{LOGLEVEL:loglevel}.*] \[%{DATA:thread}] %{DATA:class} - %{GREEDYDATA:message}" }
add_tag => [ "log" ]
}
}
output {
stdout {
codec => rubydebug
}
# Sending properly parsed log events to elasticsearch
elasticsearch {
hosts => ["localhost:9200"]
}
}
The logs that are in the log file look like this:
07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an error
07/06/2022 14:37:41.471 +0530 [DEBUG] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an debug
07/06/2022 14:37:41.471 +0530 [TRACE] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an trace
07/06/2022 14:37:41.471 +0530 [WARN ] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an warn
07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Exception occured:
java.lang.ArithmeticException: / by zero
at com.cmt.ncaas.logging.LoggingTrial.exceptionLogging(LoggingTrial.java:39)
at com.cmt.ncaas.logging.LoggingTrial.main(LoggingTrial.java:32)
After this I created an index template with pattern logs-*. But I dont see anything show up in Kibana.
Can you please tell me where I am going wrong. I suspect it is the input section that is messing it up. But being so new, I am not sure what I could change.
Any pointers, i much appreciated. Thanks in advance.
Upvotes: 0
Views: 4283
Answers (1)
Reputation: 1
You're missing the "index" on elasticsearch output.
If you don't specify that, the logs are going to either:
"logstash-%{+yyyy.MM.dd}" OR "ecs-logstash-%{+yyyy.MM.dd}"
Those do not match your logs-* index pattern.
See the documentation here and search the index section
This should solve:
elasticsearch {
hosts => ["localhost:9200"]
index => "logs-%{+YYYY.MM.dd}"
}
Good luck
Upvotes: 0
Related Questions
- Logstash starts but it does not load the data to elasticsearch
- Unable to connect Kibana to Elasticsearch
- Kibana (ELK stack) dose not load the indices
- Kibana not showing any data from Elasticsearch
- logstash output not showing up in kibana
- ElasticSearch - Unable to fetch mapping
- Elactic Search Not Reciving Data from logstash
- Find Missing Logs with ELK
- Kibana4 Log Levels not shown
- Kibana shows a blank dashboard