logstash output

1. user@vkc-docker:~/mydockerbuild$ docker run --name netflow -p 9995:9995/udp --link elastic:elasticsearch netflow-logstash -e 'input {
2. udp {
3. port => 9995
4. type => "netflow"
5. codec => netflow {
6. versions => [5,9,10]
7. }
8. }
9. }
10.  
11. output {
12. if [type] == "netflow" {
13. elasticsearch {
14. hosts => localhost
15. index => "netflow-%{+YYYY.MM.dd}"
16. }
17. }
18. }'
19. Sending Logstash's logs to /usr/share/logstash/logs which is now configured via log4j2.properties
20. 07:17:41.924 [main] INFO logstash.setting.writabledirectory - Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
21. 07:17:42.706 [LogStash::Runner] INFO logstash.agent - No persistent UUID file found. Generating new UUID {:uuid=>"bcf127b3-f9ff-4f80-8a99-15cacdbe01f7", :path=>"/usr/share/logstash/data/uuid"}
22. 07:17:45.049 [[main]<udp] INFO logstash.inputs.udp - Starting UDP listener {:address=>"0.0.0.0:9995"}
23. 07:17:45.093 [[main]<udp] INFO logstash.inputs.udp - UDP listener started {:address=>"0.0.0.0:9995", :receive_buffer_bytes=>"106496", :queue_size=>"2000"}
24. 07:17:45.562 [[main]-pipeline-manager] INFO logstash.outputs.elasticsearch - Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>["http://localhost:9200"]}}
25. 07:17:45.568 [[main]-pipeline-manager] INFO logstash.outputs.elasticsearch - Running health check to see if an Elasticsearch connection is working {:url=>#<URI::HTTP:0x307922ef URL:http://localhost:9200>, :healthcheck_path=>"/"}
26. 07:17:45.763 [[main]-pipeline-manager] WARN logstash.outputs.elasticsearch - Attempted to resurrect connection to dead ES instance, but got an error. {:url=>#<URI::HTTP:0x307922ef URL:http://localhost:9200>, :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)"}
27. 07:17:45.769 [[main]-pipeline-manager] INFO logstash.outputs.elasticsearch - Using mapping template from {:path=>nil}
28. 07:17:45.786 [[main]-pipeline-manager] WARN logstash.outputs.elasticsearch - Marking url as dead. {:reason=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)", :url=>#<URI::HTTP:0x76a16bbe URL:http://localhost:9200>, :error_message=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)", :error_class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError"}
29. 07:17:45.789 [[main]-pipeline-manager] ERROR logstash.outputs.elasticsearch - Failed to install template. {:message=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)", :class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError"}
30. 07:17:45.792 [[main]-pipeline-manager] INFO logstash.outputs.elasticsearch - New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["localhost"]}
31. 07:17:45.795 [[main]-pipeline-manager] INFO logstash.pipeline - Starting pipeline {"id"=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125}
32. 07:17:45.801 [[main]-pipeline-manager] INFO logstash.pipeline - Pipeline main started
33. 07:17:45.906 [Api Webserver] INFO logstash.agent - Successfully started Logstash API endpoint {:port=>9600}
34. 07:17:47.028 [<udp.0] WARN logstash.codecs.netflow - No matching template for flow id 256
35. 07:17:50.773 [Ruby-0-Thread-8: /usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-5.4.0-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:188] INFO logstash.outputs.elasticsearch - Running health check to see if an Elasticsearch connection is working {:url=>#<URI::HTTP:0x2b969851 URL:http://localhost:9200>, :healthcheck_path=>"/"}
36. 07:17:50.797 [Ruby-0-Thread-8: /usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-5.4.0-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:188] WARN logstash.outputs.elasticsearch - Attempted to resurrect connection to dead ES instance, but got an error. {:url=>#<URI::HTTP:0x2b969851 URL:http://localhost:9200>, :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)"}
37. 07:17:55.799 [Ruby-0-Thread-8: /usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-5.4.0-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:188] INFO logstash.outputs.elasticsearch - Running health check to see if an Elasticsearch connection is working {:url=>#<URI::HTTP:0x278e2f99 URL:http://localhost:9200>, :healthcheck_path=>"/"}
38. 07:17:55.810 [Ruby-0-Thread-8: /usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-5.4.0-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:188] WARN logstash.outputs.elasticsearch - Attempted to resurrect connection to dead ES instance, but got an error. {:url=>#<URI::HTTP:0x278e2f99 URL:http://localhost:9200>, :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://localhost:9200][Manticore::SocketException] Connection refused (Connection refused)"}