在 Windows 上配置 Logstash
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17604061/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Configuring Logstash on Windows
提问by user2406467
I am trying to feed log files into Logstash on a Windows machine. I tried following the tutorial at http://logstash.net/docs/1.1.13/tutorials/getting-started-simple, and am now stuck on the "Continuing on" part. This is what my logstash-simple.conf file looks like:
我正在尝试将日志文件提供给 Windows 机器上的 Logstash。我尝试按照http://logstash.net/docs/1.1.13/tutorials/getting-started-simple 上的教程进行操作,现在卡在“继续”部分。这是我的 logstash-simple.conf 文件的样子:
input {
stdin {
type => "stdin-type"
}
file {
type => "syslog"
# Wildcards work, here :)
path => [ "C:/Results/test.txt" ]
}
}
output {
stdout { }
elasticsearch { embedded => true }
}
I have tried all kinds of combinations of forward slashes, backward slashes, etc., and I get a "The filename, directory name, or volume label syntax is incorrect."
我尝试了正斜杠、反斜杠等的各种组合,但得到“文件名、目录名或卷标语法不正确”。
Any tips?
有小费吗?
Also - will it recursively look through the directory if I specify C:/Results/* (and that dir has multiple subdirs)?
另外 - 如果我指定 C:/Results/* (并且该目录有多个子目录),它会递归查看目录吗?
回答by Chakra Yadavalli
Logstash globs support ** pattern.
Logstash globs 支持 ** 模式。
To search the directories recursively for log files under c:/results with extension *.log, you could specify ** glob pattern as follows:
要在 c:/results 下递归搜索目录中扩展名为 *.log 的日志文件,您可以指定 ** glob 模式,如下所示:
file {
type => "syslog"
path => ["c:/results/**/*.log"]
}
As a side note, while working with logstash on windows you may want to use lowercase directory and file names and lowercase drive letters to save yourself some trouble. There seems to be windows related bug in Logstash 1.1.13 which is the latest version as of date.
附带说明一下,在 Windows 上使用 logstash 时,您可能希望使用小写的目录和文件名以及小写的驱动器号来省去一些麻烦。Logstash 1.1.13 中似乎存在与 Windows 相关的错误,这是迄今为止的最新版本。
