Issues updating logstash filters..
Posted: Wed Sep 25, 2019 1:31 pm
I'm attempting to add a new filter to logstash on our NLS cluster.
I am adding the below filter to try and cut out some noise from our windows event logs.
i get the below error when trying to verify the config:
Any ideas? Thanks in advance.
I am adding the below filter to try and cut out some noise from our windows event logs.
Code: Select all
if [type] == 'eventlog' {
if [Severity] == 'INFO' {
drop {}
}
}
Code: Select all
{:timestamp=>"2019-09-25T11:25:38.245000-0700", :message=>"An unexpected error occurred!", :error=>"No config files found: /usr/local/nagioslogserver/tmp5d8bb11952877\nCan you make sure this path is a logstash config file?", :class=>"RuntimeError", :backtrace=>["/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/config/loader.rb:58:in `local_config'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/config/loader.rb:37:in `load_config'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/config/loader.rb:17:in `format_config'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/agent.rb:185:in `execute'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/runner.rb:94:in `run'", "org/jruby/RubyProc.java:281:in `call'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/runner.rb:99:in `run'", "org/jruby/RubyProc.java:281:in `call'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/stud-0.0.23/lib/stud/task.rb:24:in `initialize'"], :level=>:warn}
Any ideas? Thanks in advance.