Logstash 7.10.02 failed to start on windows

Question

I tried starting the logstash with the below command

logstash-7.10.2\logstash -f logstash.conf

logstash.conf

input{
    file{
        path => "D://server.log" start_position=> "beginning" type => "logs"
    }
}
filter {
  grok {
        match => {"message" => "%{TIMESTAMP_ISO8601:logtime} \[%{NOTSPACE:thread}\] \[%{LOGLEVEL:loglevel}\] %{GREEDYDATA:line}"
        }  
    }
}
output {
    if "ERROR" in [loglevel]
    { 
        elasticsearch { 
        hosts => ["localhost:9200"] 
        index => "logstash" 
    }
    }
}

command prompt displayed the below text and did not start logstash.

Using JAVA_HOME defined java: C:\Program Files\Java\jdk1.8.0_221; WARNING, using JAVA_HOME while Logstash distribution comes with a bundled JDK warning: ignoring JAVA_OPTS=-Xms64m -Xmx128m -XX:NewSize=64m -XX:MaxNewSize=64m -XX:PermSize=64m -XX:MaxPermSize=64m; pass JVM parameters via LS_JAVA_OPTS

No error logs were created.

Answer 1

Have you tried staring logstash in debug mode .

--log.level DEBUG

Answer 2

Pipeline looks okay. Can you try adding below output to see if you the pattern and log data matches. Just to rule out any grokparsefailures.

output {
    stdout { codec => rubydebug }
    if "ERROR" in [loglevel]
    { 
        elasticsearch { 
        hosts => ["localhost:9200"] 
        index => "logstash" 
    }
    }
}