Logstash not working

Question

Logstash not working

Closed this issue 5 years ago · 3 comments

tophertimzen commented 6 years ago

Logstash no longer works on Kali 2019.3a

Answer 1 · 2019-05-07T17:20:18.000Z

It also is not working on Ubuntu 18.04 without some tampering. Need to automate better.

Answer 2 · 2019-05-30T18:04:08.000Z

I am not sure exactly what is happening here, but as of May 30th a fresh deployment is working with Logstash.

root@homebase:/etc/logstash# java -version
openjdk version "1.8.0_212"
OpenJDK Runtime Environment (build 1.8.0_212-8u212-b03-0ubuntu1.18.04.1-b03)
OpenJDK 64-Bit Server VM (build 25.212-b03, mixed mode)
root@homebase:/etc/logstash# uname -a
Linux homebase 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
root@homebase:/etc/logstash# cat /etc/os-release 
NAME="Ubuntu"
VERSION="18.04.2 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.2 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
root@homebase:/etc/logstash# /usr/share/logstash/bin/logstash  --version
logstash 5.6.16

Answer 3 · 2019-05-30T18:07:01.000Z

logstash 5.6.16 is likely the reason why this works. We used to install 5.1.0 in external/global/host-share/setup.sh and now we install logstash in the site.pp of each instance. It is likely that 5.6.16 is installed as the default puppet package now, which fixed whatever issue we had. If this happens again, we can hardcode the version that works, although that is not optimal.