我正在尝试使用 softflowd 将 netflow 数据导出到 logstash/elastic 搜索,但遇到了一些问题。尝试阅读这篇文章:https ://www.rsreese.com/parsing-netflow-using-kibana-via-logstash-to-elasticsearch/
目前,我正在运行弹性搜索,将 netflow 数据从特定接口导出到 127.0.0.1:12345 并尝试启动 logstash。
错误日志:
警告:线程“Converge PipelineAction::Create”因异常而终止(report_on_exception 为真):LogStash::Error: 不知道如何处理
在 org/logstash/execution/ConvergeResultExt.java:135 处的Java::JavaLang::IllegalStateException创建PipelineAction::Create<main>org/logstash/execution/ConvergeResultExt.java:60 收敛状态在 /home/kalit/Desktop/Netflow/logstash-7.14.1/logstash-core/lib/logstash/agent.rb:404 [2021-09-17T00:49: 13,205][ERROR][logstash.agent] 聚合配置时发生异常 {:exception=>LogStash::Error, :message=>"Don't know how to handle Java::JavaLang::IllegalStateExceptionfor PipelineAction::Create<main>"} [2021-09-17T00:49: 13,219][FATAL][logstash.runner] 发生意外错误!{:error=>#<LogStash::Error: 不知道如何Java::JavaLang::IllegalStateException处理PipelineAction::Create<main>>, :backtrace=>["org/logstash/execution/ConvergeResultExt.java:135:in create'", "org/logstash/execution/ConvergeResultExt.java:60:in add'", "/home/kalit/Desktop/Netflow/logstash-7.14.1/logstash-core/lib/logstash/agent .rb:404:in `block in converge_state'"]} [2021-09-17T00:49:13,229][FATAL][org.logstash.Logstash ] Logstash 因错误停止处理:(SystemExit) exit org.jruby .exceptions.SystemExit: (SystemExit) 退出 org.jruby.RubyKernel.exit(org/jruby/RubyKernel.java:747) ~[jruby-complete-9.2.19.0.jar:?] at org.jruby.RubyKernel.exit (org/jruby/RubyKernel.java:710) ~[jruby-complete-9.2.19.0.jar:?] 在 home.kalit.Desktop.Netflow.logstash_minus_7_dot_14_dot_1.lib.bootstrap.environment.(/home/kalit/Desktop/ Netflow/logstash-7.14.1/lib/bootstrap/environment.rb:89) ~[?:?]
有谁知道如何修理它?或者任何人都可以分享一些使用 softflowd、logstash、弹性搜索、kibana 进行网络流分析的文章吗?
谢谢你。