forked from elkninja/elastic-stack-docker-part-one
-
Notifications
You must be signed in to change notification settings - Fork 0
/
logstash.conf
27 lines (25 loc) · 1.15 KB
/
logstash.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
input {
file {
#https://www.elastic.co/guide/en/logstash/current/plugins-inputs-file.html
#default is TAIL which assumes more data will come into the file.
#change to mode => "read" if the file is a complete file.
#by default, the file will be removed once reading is complete -- backup your files if you need them.
# we will be using READ with the completed file action to log to a file.
mode => "read"
path => "/usr/share/logstash/ingest_data/*.csv" #specifying only csv files.
exit_after_read => true # this tells logstash to exit after reading the file. This is useful for running logstash as a "job". if you want logstash to continue to run and monitor for files, remove this line.
file_completed_action => "log" # this tells logstash to log to the file specified in file_completed_log_path once its done reading the input file.
file_completed_log_path => "/usr/share/logstash/ingest_data/logstash_completed.log"
}
}
filter {
}
output {
elasticsearch {
index => "logstash-%{+YYYY.MM.dd}"
hosts=> "${ELASTIC_HOSTS}"
user=> "${ELASTIC_USER}"
password=> "${ELASTIC_PASSWORD}"
cacert=> "certs/ca/ca.crt"
}
}