Logstash在运行时出现异常

dsf9zpds  于 12个月前  发布在  Logstash
关注(0)|答案(1)|浏览(200)

当我运行它的时候,我在logstash日志中得到了这个异常。
[2018 - 01 - 14T15:42:00,912][ERROR][logstash. outputs. elasticsearch]未知设置'host' for elasticsearch [2018 - 01 - 14T15:42:00,921][ERROR][logstash. agent]无法执行操作{:action => LogStash::PipelineAction::Create/pipeline_id:main,:exception =>"LogStash::Exclusion Error",:message =>"您的配置出错。",:backtrace =>["/usr/share/logstash/logstash-core/lib/logstash/config
/mixin. rb:89:in config_init "/usr/share/logstash/logstash-core/lib/logstash/outputs/base.rb:63:in initialize'","/usr/share/logstash/logstash-core/lib/logstash/output_delegator_strategies/shared. rb:3:in initialize'", "/usr/share/logstash/logstash-core/lib/logstash/output_delegator.rb:25:in initialize'","/usr/share/logstash/logstash-core/lib/logstash/plugins/plugin_factory. rb:86:in plugin'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:114:in plugin'","(eval):87:在<eval>'","org/jruby/RubyKernel.java:994:in eval'","/usr/share/logstash/logstash-core/lib/logstash/pipeline. rb:86:在initialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:171:in中初始化"","/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create. rb:40:在execute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:335:in块中,在converge_state","/usr/share/logstash/logstash-core/lib/logstash/agent. rb:141:在converge_state中with_pipelines'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:332:in块中"," org/jruby/RubyArray. java:1734:在each'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:319:in converge_state "中,"/usr/share/logstash/logstash-core/lib/logstash/agent. rb:166:in block in converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:141:in with_pipelines '","/usr/share/logstash/logstash-core/lib/logstash/agent. rb:164:in converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:90:in execute'","/usr/share/logstash/logstash-core/lib/logstash/runner. rb:343:in block in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:24:in block in initialize '"]}
这是我的配置:

input{
 lumberjack {
  port => 5044
  type => "logs"
  ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
  ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
 }    
}

filter{
 if[type] == "syslog" {
   grok {
    match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:sysylog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
     add_field => ["received_at", "%{@timestamp}" ] 
     add_field => ["received_from", "%{host}" ]
   }
   syslog_pri {}
   date {
     match => ["syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
   }
 }
}

output{
  elasticsearch { host =>localhost }
  stdout { codec => rubydebug }
}

字符串
我该如何解决呢?谢谢。我用的是最新版本的ELK

logstash

1条答案

按热度按时间
mhd8tkvw

mhd8tkvw1#

如果你检查你的输出elasticsearch插件,它有host参数。
它需要一个主机参数和一个字符串数组。
https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html#plugins-outputs-elasticsearch-hosts
我的logstash->elastic插件看起来像这样:

elasticsearch{
  hosts=>["localhost:9200"]
  index=>"logstash-%{+YYYY.MM.dd}"
}

字符串
您可能还需要设置index参数。

赞(0)分享  回复(0)举报  12个月前
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com