问题
I have an elasticsearch cluster (ELK) and some nodes sending logs to the logstash using filebeat.
Lately I added a new application server, who is sending logs to my logstash using python-logstash.
My logstash input configuration looks something like this :
input {
beats {
type => beats
port => 5044
}
udp {
port => 5044
}
}
My application server sends the logs successfully to the logstash. On my logstash machine I tried to run the following command:
tcpdump -nn | grep x.x.x.x
x.x.x.x is the ip of my application server.
My code is :
self.logger=logging.getLogger(logger_name)
self.logger.addHandler(logstash.UDPLogstashHandler(ELASTICSEARCH_LOGSTASH_SERVER, 5044, version=1, message_type='bla',fqdn=elastic_fqdn))
elastic_fqdn is the hostname of the hosted server.
I was able to see the packets, they looked fine (udp, port 5044), but I couldn't see any document in my kibana/elasticsearch.
Thanks for your help :)
来源:https://stackoverflow.com/questions/37658857/python-logstash-not-working