当前位置: 文江博客 话题详情

基巴纳没有显示任何日志(麋鹿堆)

发布于 2025-02-05 04:40:55 字数 1789 浏览 4 评论 0 原文

我正在学习麋鹿堆栈。因此,我编写了一个示例Java代码,该代码在文件中流出了一些日志行。我正在尝试查看kibana UI中的日志线是否显示。因此,我将尝试为我的能力解释一下我的所作所为。因此,首先,我启动Elasticsearch,然后是Logstash,然后是Kibana。

我的logstash配置文件看起来像:

input {
    file {
    type => "java"
    path => "C:/temp/logs/application.log"
    codec => multiline {
        pattern => "^%{MONTHDAY}/%{MONTHNUM}/%{YEAR} %{TIME}.*"
        negate => "true"
        what => "previous"
    }
  }
}

filter {

    grok {  
        match => { "message" => "%{DATE_EU:date} %{TIME:time} %{ISO8601_TIMEZONE:zone} \[%{LOGLEVEL:loglevel}.*] \[%{DATA:thread}] %{DATA:class} - %{GREEDYDATA:message}" }
        add_tag => [ "log" ]
    }
}

output {
    
    stdout {
        codec => rubydebug
    }
    
    # Sending properly parsed log events to elasticsearch
    elasticsearch {
        hosts => ["localhost:9200"]
    }
}

日志文件中的日志如下:

    07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an error
07/06/2022 14:37:41.471 +0530 [DEBUG] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an debug
07/06/2022 14:37:41.471 +0530 [TRACE] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an trace
07/06/2022 14:37:41.471 +0530 [WARN ] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an warn
07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Exception occured: 
java.lang.ArithmeticException: / by zero
    at com.cmt.ncaas.logging.LoggingTrial.exceptionLogging(LoggingTrial.java:39)
    at com.cmt.ncaas.logging.LoggingTrial.main(LoggingTrial.java:32)

在此之后,我创建了一个带有模式 logs的索引模板 - *。但是我看不到奇巴纳出现任何东西。

你能告诉我我出了什么问题吗?我怀疑是输入部分将其弄乱。但是变新,我不确定我可以改变什么。

任何指针,我都非常感谢。提前致谢。

原文

I am learning ELK stack. So I have written a sample java code that churns out some log line in a file. I am trying to see if the log lines show up in Kibana UI. So I will try to explain it to best of my abilities about what I did. So first I start elasticsearch, then logstash, then kibana.

My logstash config file looks like:

input {
    file {
    type => "java"
    path => "C:/temp/logs/application.log"
    codec => multiline {
        pattern => "^%{MONTHDAY}/%{MONTHNUM}/%{YEAR} %{TIME}.*"
        negate => "true"
        what => "previous"
    }
  }
}

filter {

    grok {  
        match => { "message" => "%{DATE_EU:date} %{TIME:time} %{ISO8601_TIMEZONE:zone} \[%{LOGLEVEL:loglevel}.*] \[%{DATA:thread}] %{DATA:class} - %{GREEDYDATA:message}" }
        add_tag => [ "log" ]
    }
}

output {
    
    stdout {
        codec => rubydebug
    }
    
    # Sending properly parsed log events to elasticsearch
    elasticsearch {
        hosts => ["localhost:9200"]
    }
}

The logs that are in the log file look like this:

    07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an error
07/06/2022 14:37:41.471 +0530 [DEBUG] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an debug
07/06/2022 14:37:41.471 +0530 [TRACE] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an trace
07/06/2022 14:37:41.471 +0530 [WARN ] [main] com.cmt.ncaas.logging.LoggingTrial - Trying to log an warn
07/06/2022 14:37:41.471 +0530 [ERROR] [main] com.cmt.ncaas.logging.LoggingTrial - Exception occured: 
java.lang.ArithmeticException: / by zero
    at com.cmt.ncaas.logging.LoggingTrial.exceptionLogging(LoggingTrial.java:39)
    at com.cmt.ncaas.logging.LoggingTrial.main(LoggingTrial.java:32)

After this I created an index template with pattern logs-*. But I dont see anything show up in Kibana.

Can you please tell me where I am going wrong. I suspect it is the input section that is messing it up. But being so new, I am not sure what I could change.

Any pointers, i much appreciated. Thanks in advance.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

手长情犹 2025-02-12 04:40:55

您缺少Elasticsearch输出上的“索引”。

如果您没有指定,则将日志进行:

“ logstash-%{+yyyy.mm.dd}”
或者
“ ecs-logstash - %{+yyyy.mm.dd}”

那些不匹配您的logs-*索引模式。

这应该解决:

elasticsearch {
        hosts => ["localhost:9200"]
        index => "logs-%{+YYYY.MM.dd}"
    }

祝您好运

You're missing the "index" on elasticsearch output.

If you don't specify that, the logs are going to either:

"logstash-%{+yyyy.MM.dd}"
OR
"ecs-logstash-%{+yyyy.MM.dd}"

Those do not match your logs-* index pattern.

See the documentation here and search the index section

This should solve:

elasticsearch {
        hosts => ["localhost:9200"]
        index => "logs-%{+YYYY.MM.dd}"
    }

Good luck

回复 原文
~没有更多了~

关于作者

墨小墨

暂无简介

文章
评论
25 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

十二

文章 0 评论 0

飞烟轻若梦

文章 0 评论 0

OPleyuhuo

文章 0 评论 0

wxb0109

文章 0 评论 0

旧城空念

文章 0 评论 0

-小熊_

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文