· 6 years ago · Nov 26, 2019, 06:50 PM
1 docker-compose up logstash
2 Creating logstash ... done
3 Attaching to logstash
4 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.elasticsearch.hosts' from environment.
5 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.enabled' from environment.
6 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.pipeline.id' from environment.
7 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.elasticsearch.ssl.certificate_authority' from environment.
8 logstash | 2019/11/26 18:21:54 Setting 'xpack.monitoring.elasticsearch.username' from environment.
9 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.elasticsearch.password' from environment.
10 logstash | 2019/11/26 18:21:54 Setting 'xpack.monitoring.elasticsearch.password' from environment.
11 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.logstash.poll_interval' from environment.
12 logstash | 2019/11/26 18:21:54 Setting 'xpack.monitoring.enabled' from environment.
13 logstash | 2019/11/26 18:21:54 Setting 'xpack.monitoring.elasticsearch.ssl.certificate_authority' from environment.
14 logstash | 2019/11/26 18:21:54 Setting 'xpack.management.elasticsearch.username' from environment.
15 logstash | 2019/11/26 18:21:54 Setting 'xpack.monitoring.elasticsearch.hosts' from environment.
16 logstash | OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
17 logstash | WARNING: An illegal reflective access operation has occurred
18 logstash | WARNING: Illegal reflective access by com.headius.backport9.modules.Modules (file:/usr/share/logstash/logstash-core/lib/jars/jruby-complete-9.2.8.0.jar) to field java.io.FileDescriptor.fd
19 logstash | WARNING: Please consider reporting this to the maintainers of com.headius.backport9.modules.Modules
20 logstash | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
21 logstash | WARNING: All illegal access operations will be denied in a future release
22 logstash | Thread.exclusive is deprecated, use Thread::Mutex
23 logstash | Sending Logstash logs to /usr/share/logstash/logs which is now configured via log4j2.properties
24 logstash | [2019-11-26T18:22:05,379][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
25 logstash | [2019-11-26T18:22:05,392][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.dead_letter_queue", :path=>"/usr/share/logstash/data/dead_letter_queue"}
26 logstash | [2019-11-26T18:22:05,420][INFO ][logstash.configmanagement.bootstrapcheck] Using Elasticsearch as config store {:pipeline_id=>["test_cpm", "test", "beats"], :poll_interval=>"10000000000ns"}
27 logstash | [2019-11-26T18:22:05,866][INFO ][logstash.licensechecker.licensereader] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://logstash_user:xxxxxx@192.168.178.100:9200/]}}
28 logstash | [2019-11-26T18:22:06,158][WARN ][logstash.licensechecker.licensereader] Restored connection to ES instance {:url=>"https://logstash_user:xxxxxx@192.168.178.100:9200/"}
29 logstash | [2019-11-26T18:22:06,193][INFO ][logstash.licensechecker.licensereader] ES Output version determined {:es_version=>7}
30 logstash | [2019-11-26T18:22:06,195][WARN ][logstash.licensechecker.licensereader] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
31 logstash | [2019-11-26T18:22:06,316][INFO ][logstash.configmanagement.elasticsearchsource] Configuration Management License OK
32 logstash | [2019-11-26T18:22:06,530][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.4.2"}
33 logstash | [2019-11-26T18:22:06,547][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"aef8d16c-df88-4c55-ab96-b1f02d49a890", :path=>"/usr/share/logstash/data/uuid"}
34 logstash | [2019-11-26T18:22:07,128][INFO ][logstash.licensechecker.licensereader] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://logstash_user:xxxxxx@192.168.178.100:9200/]}}
35 logstash | [2019-11-26T18:22:07,164][WARN ][logstash.licensechecker.licensereader] Restored connection to ES instance {:url=>"https://logstash_user:xxxxxx@192.168.178.100:9200/"}
36 logstash | [2019-11-26T18:22:07,174][INFO ][logstash.licensechecker.licensereader] ES Output version determined {:es_version=>7}
37 logstash | [2019-11-26T18:22:07,174][WARN ][logstash.licensechecker.licensereader] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
38 logstash | [2019-11-26T18:22:07,206][INFO ][logstash.monitoring.internalpipelinesource] Monitoring License OK
39 logstash | [2019-11-26T18:22:07,206][INFO ][logstash.monitoring.internalpipelinesource] Validated license for monitoring. Enabling monitoring pipeline.
40 logstash | [2019-11-26T18:22:07,267][INFO ][logstash.configmanagement.elasticsearchsource] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://logstash_user:xxxxxx@192.168.178.100:9200/]}}
41 logstash | [2019-11-26T18:22:07,298][WARN ][logstash.configmanagement.elasticsearchsource] Restored connection to ES instance {:url=>"https://logstash_user:xxxxxx@192.168.178.100:9200/"}
42 logstash | [2019-11-26T18:22:07,309][INFO ][logstash.configmanagement.elasticsearchsource] ES Output version determined {:es_version=>7}
43 logstash | [2019-11-26T18:22:07,309][WARN ][logstash.configmanagement.elasticsearchsource] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
44 logstash | [2019-11-26T18:22:08,408][INFO ][org.reflections.Reflections] Reflections took 23 ms to scan 1 urls, producing 20 keys and 40 values
45 logstash | [2019-11-26T18:22:08,583][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://logstash_user:xxxxxx@192.168.178.100:9200/]}}
46 logstash | [2019-11-26T18:22:08,613][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"https://logstash_user:xxxxxx@192.168.178.100:9200/"}
47 logstash | [2019-11-26T18:22:08,619][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>7}
48 logstash | [2019-11-26T18:22:08,620][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
49 logstash | [2019-11-26T18:22:08,678][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["https://192.168.178.100:9200"]}
50 logstash | [2019-11-26T18:22:08,731][INFO ][logstash.outputs.elasticsearch] Using default mapping template
51 logstash | [2019-11-26T18:22:08,754][WARN ][org.logstash.instrument.metrics.gauge.LazyDelegatingGauge] A gauge metric of an unknown type (org.jruby.specialized.RubyArrayOneObject) has been create for key: cluster_uuids. This may result in invalid serialization. It is recommended to log an issue to the responsible developer/development team.
52 logstash | [2019-11-26T18:22:08,757][INFO ][logstash.javapipeline ] Starting pipeline {:pipeline_id=>"test", "pipeline.workers"=>1, "pipeline.batch.size"=>10, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>10, :thread=>"#<Thread:0x674bad35 run>"}
53 logstash | [2019-11-26T18:22:08,782][INFO ][logstash.javapipeline ] Pipeline started {"pipeline.id"=>"test"}
54 logstash | [2019-11-26T18:22:08,783][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"index_patterns"=>"logstash-*", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s", "number_of_shards"=>1}, "mappings"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"*", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}
55 logstash | [2019-11-26T18:22:08,856][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:test], :non_running_pipelines=>[]}
56 logstash | [2019-11-26T18:22:09,526][WARN ][logstash.outputs.elasticsearch] You are using a deprecated config setting "document_type" set in elasticsearch. Deprecated settings will continue to work, but are scheduled for removal from logstash in the future. Document types are being deprecated in Elasticsearch 6.0, and removed entirely in 7.0. You should avoid this feature If you have any questions about this, please visit the #logstash channel on freenode irc. {:name=>"document_type", :plugin=><LogStash::Outputs::ElasticSearch bulk_path=>"/_monitoring/bulk?system_id=logstash&system_api_version=7&interval=1s", ssl_certificate_verification=>false, password=><password>, hosts=>[https://192.168.178.100:9200], cacert=>"/usr/share/logstash/certs/ca/ca.crt", sniffing=>false, manage_template=>false, id=>"0dbbfa418f781b7b1b1a0448018d74a0d46a10bd3272c80883fcb4bac45cc857", user=>"logstash_user", ssl=>true, document_type=>"%{[@metadata][document_type]}", enable_metric=>true, codec=><LogStash::Codecs::Plain id=>"plain_a42e1154-9ddc-4cd0-ae80-62a68f0577b0", enable_metric=>true, charset=>"UTF-8">, workers=>1, template_name=>"logstash", template_overwrite=>false, doc_as_upsert=>false, script_type=>"inline", script_lang=>"painless", script_var_name=>"event", scripted_upsert=>false, retry_initial_interval=>2, retry_max_interval=>64, retry_on_conflict=>1, ilm_enabled=>"auto", ilm_rollover_alias=>"logstash", ilm_pattern=>"{now/d}-000001", ilm_policy=>"logstash-policy", action=>"index", sniffing_delay=>5, timeout=>60, pool_max=>1000, pool_max_per_route=>100, resurrect_delay=>5, validate_after_inactivity=>10000, http_compression=>false>}
57 logstash | [2019-11-26T18:22:09,545][WARN ][logstash.outputs.elasticsearch] ** WARNING ** Detected UNSAFE options in elasticsearch output configuration!
58 logstash | ** WARNING ** You have enabled encryption but DISABLED certificate verification.
59 logstash | ** WARNING ** To make sure your data is secure change :ssl_certificate_verification to true
60 logstash | [2019-11-26T18:22:09,559][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://logstash_user:xxxxxx@192.168.178.100:9200/]}}
61 logstash | [2019-11-26T18:22:09,579][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"https://logstash_user:xxxxxx@192.168.178.100:9200/"}
62 logstash | [2019-11-26T18:22:09,585][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>7}
63 logstash | [2019-11-26T18:22:09,586][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
64 logstash | [2019-11-26T18:22:09,593][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["https://192.168.178.100:9200"]}
65 logstash | [2019-11-26T18:22:09,600][INFO ][logstash.javapipeline ] Starting pipeline {:pipeline_id=>".monitoring-logstash", "pipeline.workers"=>1, "pipeline.batch.size"=>2, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>2, :thread=>"#<Thread:0xb339f58 run>"}
66 logstash | [2019-11-26T18:22:09,637][INFO ][logstash.javapipeline ] Pipeline started {"pipeline.id"=>".monitoring-logstash"}
67 logstash | [2019-11-26T18:22:09,645][INFO ][logstash.agent ] Pipelines running {:count=>2, :running_pipelines=>[:test, :".monitoring-logstash"], :non_running_pipelines=>[]}
68 logstash | [2019-11-26T18:22:09,827][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}