Logstash 6.2.4,ElasticSearch 6.2.4首次使用这些工具 . 我试图在此示例后将IIS日志转换为elasticsearch:Importing iis logs into elasticsearch using logstash
使用以下命令运行独立测试时: . \ logstash.bat agent -f .. \ conf导致这些错误:
[2018-06-01T08:45:58,830] [INFO] [logstash.runner]启动Logstash {“logstash.version”=>“6.2.4”} [2018-06-01T08:45:59,604] [INFO] [logstash.agent]已成功启动Logstash API endpoints {:port => 9600} [2018-06-01T08:46:03,260] [错误] [logstash.outputs.elasticsearch]未知设置'embedded'为elasticsearch [2018-06- 01T08:46:03,261] [错误] [logstash.outputs.elasticsearch]未知设置'host'为elasticsearch [2018-06-01T08:46:03,262] [错误] [logstash.outputs.elasticsearch]未知设置'端口'为elasticsearch [2018-06-01T08:46:03,263] [错误] [logstash.outputs.elasticsearch]弹性搜索的未知设置'protocol'[2018-06-01T08:46:03,277] [错误] [logstash.agent]失败execute action {:action => LogStash :: PipelineAction :: Create / pipeline_id:main,:exception =>“LogStash :: ConfigurationError”,:message =>“您的配置出了问题 . ” [2018-06-01T08:46:03,277] [错误] [logstash.agent]无法执行操作{:action => LogStash :: PipelineAction :: Create / pipeline_id:main,:exception =>“LogStash :: ConfigurationError” ,:message =>“你的配置出了问题 . ”,:backtrace => [“D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/config/mixin . rb:89:在config_init'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/outputs/base.rb:63:ininitialize'“,”D: /ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/output_delegator_strategies/shared.rb:3:in initialize'“,”D:/ElasticSearch/logstash-6.2.4/logstash- 6.2.4 / logstash-core / lib / logstash / output_delegator.rb:24:ininitialize'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/plugins/ plugin_factory.rb:85:in plugin'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/pipeline.rb:112:inplugin'“,”(eval ):252:在<eval>'“,”org / jruby / RubyKernel.java:994:ineval '“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/pipeline.rb:84:in initialize'“,”D:/ElasticSearch/logstash-6.2 . 4 / logstash-6.2.4 / logstash -core / lib / logstash / pipeline.rb:169:ininitialize'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/ logstash / pipeline_action / create.rb:40:in execute'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/agent.rb:315:converblock in converge_state '“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/agent.rb:141:in with_pipelines'“,”D:/ElasticSearch/logstash-6.2 . 4 / logstash-6.2.4 / logstash -core / lib / logstash / agent.rb:312:inblock in converge_state'“,”org / jruby / RubyArray.java:1734:在每个'“,”D:/ ElasticSearch / logstash-6.2.4 / logstash-6.2.4 / logstash -core / lib / logstash / agent.rb:299:inconverge_state'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash- core / lib / logstash / agent.rb:166:在converge_state_and_update'“中的块中,”D:/ElasticSearch/logstash-6.2.4/logstash- 6.2.4 / logstash-core / lib / logstash / agent.rb:141:inwith_pipelines'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/agent . rb:164:在converge_state_and_update'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/agent.rb:90:不执行'“,”D:/ ElasticSearch /logstash-6.2.4/logstash-6.2.4/logstash-core/lib/logstash/runner.rb:348:in block in execute'“,”D:/ElasticSearch/logstash-6.2.4/logstash-6.2 . 4 / vendor / bundle / jruby / 2.3.0 / gems / stud-0.0.23 / lib / stud / task.rb:24:inblock in initialize'“]}
设置(嵌入式,主机,端口,协议)是conf文件中提供的默认设置 . 正如我所提到的,这是我第一次使用logstash . 任何协助确定配置的错误将不胜感激 .
http://localhost:9200从elasticsearch返回成功的响应 .
谢谢!