Debug FluentD data not sent to ElasticSearch
Quote from moshe on 18/10/2020, 8:48 am
Problem
Fluentd logs not being sent to ElasticSearch
Solution
Create the following configuration for Fluentd to send logs to ElasticSearch
<label @mainstream>
  <match **>
    @type copy
    <store>
      @type elasticsearch
      host elasticsearch
      port 9200
      logstash_format true
      logstash_prefix fluentd
      logstash_dateformat %Y%m%d
      include_tag_key true
      type_name access_log
      tag_key @log_name
      <buffer>
        flush_mode interval
        flush_interval 1s
        retry_type exponential_backoff
        flush_thread_count 2
        retry_forever true
        retry_max_interval 30
        chunk_limit_size 2M
        queue_limit_length 8
        overflow_action block
      </buffer>
    </store>
  </match>
</label>
Run tcpdump to examine outgoing requests
sudo tcpdump -i eth0 tcp port 24224 -X -s 0 -nn
Note
Attached configuration with tab indentation
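
Added example (not part of the post above and not Fluentd's own code): a small Python check that parses a constructed copy of the posted output settings, confirms every section is closed, and derives the Elasticsearch endpoint and daily index that output should write to. It assumes the fluent-plugin-elasticsearch defaults (host localhost, port 9200, prefix logstash, date format %Y.%m.%d, "-" separator, UTC index time); the function names are hypothetical.

```python
import re
from datetime import datetime, timezone

# Constructed input: the post's output settings, one directive per line.
CONF = """\
<match **>
  @type copy
  <store>
    @type elasticsearch
    host elasticsearch
    port 9200
    logstash_format true
    logstash_prefix fluentd
    logstash_dateformat %Y%m%d
  </store>
</match>
"""

def parse(text):
    """Parse Fluentd-style sections into nested dicts; raise on unbalanced tags."""
    stack = [{"name": "ROOT", "params": {}, "children": []}]
    for line in filter(None, map(str.strip, text.splitlines())):
        tag = re.fullmatch(r"<(/?)(\w+)\s*(.*?)>", line)
        if tag and tag.group(1):                   # closing tag must match the open one
            if len(stack) == 1 or stack.pop()["name"] != tag.group(2):
                raise ValueError(f"unbalanced </{tag.group(2)}>")
        elif tag:                                  # opening tag starts a child section
            stack.append({"name": tag.group(2), "params": {}, "children": []})
            stack[-2]["children"].append(stack[-1])
        elif not line.startswith("#"):             # "key value" parameter
            key, _, value = line.partition(" ")
            stack[-1]["params"][key] = value.strip()
    if len(stack) != 1:
        raise ValueError(f"unclosed <{stack[-1]['name']}>")
    return stack[0]

def es_targets(node, when):
    """Yield (host:port, index written at UTC time `when`) per logstash-format ES output."""
    p = node["params"]
    if p.get("@type") == "elasticsearch" and p.get("logstash_format") == "true":
        day = when.strftime(p.get("logstash_dateformat", "%Y.%m.%d"))
        endpoint = f"{p.get('host', 'localhost')}:{p.get('port', '9200')}"
        yield endpoint, f"{p.get('logstash_prefix', 'logstash')}-{day}"
    for child in node["children"]:
        yield from es_targets(child, when)

if __name__ == "__main__":
    print(list(es_targets(parse(CONF), datetime.now(timezone.utc))))
```

With the posted settings, the index name has no dots in the date part because of the custom logstash_dateformat. The resulting name can be looked up on the Elasticsearch side with the _cat/indices API to confirm documents are arriving.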