NagiosLog _grokparsefailure_sysloginput

[list]

We Recieve this message _grokparsefailure_sysloginput with fortigate logs

there is some doc on how to analize the problem or correct this problem? On standard doc i don't find any information, on this forum there is some occurrence but i can't access... so if you can resume this

For my problem of cpu i shutdown all process also httpd and restart, after the cpu return quite normal.

I have in installation into /nagioslogserver path and not into /usr/local/nagioslog so evry time i need to change... i never open an issue for your "simple" setup...

I lost some initscript customizzation that i had found in past into this forum... but i can't access to this info... so you can resume the logstash and elasticserch change for admin problem, for heap size, and so on? there are this into forum

We can't check the plugin list...

logstash/bin] $ ./logstash-plugin list --installed
Gem::LoadError: You have already activated minitar 0.6.1, but your Gemfile requires minitar 0.5.4. Prepending `bundle exec` to your command may solve this.
setup at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/bundler-1.9.10/lib/bundler/runtime.rb:34
each at org/jruby/RubyArray.java:1613
each at /nagioslogserver/logstash/vendor/jruby/lib/ruby/1.9/forwardable.rb:201
setup at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/bundler-1.9.10/lib/bundler/runtime.rb:19
setup at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/bundler-1.9.10/lib/bundler.rb:122
setup! at /nagioslogserver/logstash/lib/bootstrap/bundler.rb:64
execute at /nagioslogserver/logstash/lib/pluginmanager/list.rb:17
run at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67
execute at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/subcommand/execution.rb:11
run at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67
run at /nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:132
(root) at /nagioslogserver/logstash/lib/pluginmanager/main.rb:43

The status page not work, as also the ncpa status information

[gormank]

I think that means the defined input doesn't understand the log format. There are a couple RFCs that define syslog type log formats. I'd check to see if that log file format does or doesn't match the RFCs that the input is looking for.