Questions tagged [elastic-stack]

Elastic Stack combines the Elasticsearch, Logstash, Kibana, and the Beats Framework to provide real-time insights of any type of structured or unstructured data.


In 2015, Elastic introduced the Beats framework into their stack and decided to rename the ELK Stack to the Elastic Stack.

3683 questions
1 vote, 3 answers

How do I increment my count field of my document from logstash?

I want to update one field of my document/log in elasticsearch from logstash. My logstash conf file input { http { host => "127.0.0.1" # default: 0.0.0.0 port => 31311 # default: 8080 } } output { stdout { codec => json }, …
nm10
1 vote, 3 answers

Running kibana 4 as a service in CentOS

I'm trying to use Kibana 4 as a service. I've tried this repository code https://github.com/cjcotton/init-kibana/blob/master/kibana changing KIBANA_BIN to KIBANA_BIN=/usr/local/kibana/bin but it doesn't work. I don't know what to put in the…
billy6
1 vote, 1 answer

Logstash zabbix output

This is my logstash.conf file. I am trying to use the logstash-output-zabbix plugin for alerting. But I am getting this error... Field referenced by log_getter is missing {:level=>:warn} I have a host named ELK in the zabbix server with a log_getter item and hello…
1 vote, 1 answer

ELK: Merge multiple events into one

My system logs requests. If and when a response arrives, I want to have it logged with the request object. Meaning, when I query ElasticSearch for activity, I'll get a row for each request, either containing a response or not. This is similar to an…
Dor Rotman
1 vote, 4 answers

Email alert with Logstash

I have configured an ELK stack (Logstash, Elasticsearch and Kibana) and we have a custom log file as below. 05/August/2015:16:55:10 : www.****.com : statuscode = 200 : Time in seconds to load = 0.734 05/August/2015:16:55:11 : ****.my :…
Manoj J
1 vote, 1 answer

Logstash - JSON parse list

I'm really liking ELK for parsing the logs. However, I'm stuck at a point where it needs to parse a list of dictionaries. Following are my logs:- IP - - 0.000 0.000 [24/May/2015:06:51:13 +0000] *"POST /c.gif HTTP/1.1"* 200 4 *…
Praful Bagai
1 vote, 1 answer

Display multiline rows in Kibana 4

I am using the ELK stack to process logs containing Java exceptions spanning multiple lines. I am using a table visualization to display exceptions. But I can only see the first line of the exceptions in the table. Is there a way to display the entire…
Yellowjacket
1 vote, 2 answers

using query_string query with bool in elastic search causing parsing exception

Why is this query giving me a parsing exception? If I remove the bool it does seem to work. But I need the bool there with the query_string. How can I make this work? { "query": { "filtered": { "query": { …
Horse Voice
1 vote, 2 answers

Grok pattern for tomcat logs gives compile error on Grok Debugger

I am trying to set up ELK for a Java application. The Tomcat logs are produced using log4j. To write and test a pattern, I am using Grok Debugger. But on the debugger it always shows Compile ERROR My log sample: YYYY-MM-DD HH:MM:SS,SSS INFO :…
1 vote, 2 answers

how to generate new fields in logstash

I need to generate a new field (loglevel) using Logstash, and finally display it in Kibana. How do I extract this from the log and build the pattern using the grok filter for this log? How do I create the loglevel field using the Logstash configuration?
1 vote, 2 answers

ELK – Logstash Email Alerting Config Issues

I've been playing around with logstash and wanting to know how to exactly configure email alerting correctly. I'm looking to pick up the string "BVDCS_LAP" and send a mail onto that address given. The config I have is: input { udp { port…
Ben Lavender
1 vote, 0 answers

Docker ELK stack with docker-py

I'm trying to deploy an ELK stack with docker-py on a VirtualBox VM running Ubuntu 14.04. Currently running docker version 1.7 and am using the Docker Hub library official containers for elasticsearch, kibana, and logstash. I have written a short…
onizo
1 vote, 1 answer

Timestamp difference in Elasticsearch

I know this has been asked, but ELK seems to be changing very rapidly and maybe something is possible at this point. So, I'm using Kibana 4 and I'm trying to visualize (or at least calculate) time difference between two docs in the query. My docs…
Dauta
1 vote, 2 answers

Logstash not_analyzed

I am a total newbie to the ELK stack and probably trying to set up a much too complicated config to start with... :-) I am running the whole stack on a Windows 7 laptop, and I am importing a CSV which goes well but I cannot get the string field to be…
Jeroen
1 vote, 1 answer

What is better: logStash agents on the appserver or the remote kibana server?

I have 12 log (log4j) files I want to be indexed in Logstash/Kibana. Is it best to change each log4j.xml file to append to single logstash agent on the local host (1 to 1 mapping), that in turn pushes to ElasticSearch on the remote host where Kibana…
jeff porter