Docker 停靠的日志库正在生成巨大的日志文件
我正在AWS ECS中运行一个日志存储容器,如下图所示Docker 停靠的日志库正在生成巨大的日志文件,docker,logstash,aws-ecs,Docker,Logstash,Aws Ecs,我正在AWS ECS中运行一个日志存储容器,如下图所示 docker.elastic.co/logstash/logstash:5.5.3 一切都是默认的,我没有使用标准输出插件。但是logstash仍然将所有日志项输出到stdout,并且容器正在生成一个巨大的日志文件 /var/lib/docker/containers/51889a642e7e1252b5825379b11cea4e064cda519e8a6a4194335d9e8eb11616/51889a642e7e1252b5825
docker.elastic.co/logstash/logstash:5.5.3
/var/lib/docker/containers/51889a642e7e1252b5825379b11cea4e064cda519e8a6a4194335d9e8eb11616/51889a642e7e1252b5825379b11cea4e064cda519e8a6a4194335d9e8eb11616-json.log
logstash--日志驱动程序nonelogstash.conflogstash.yml[ec2-user@ip-xxxxx logstash]$ cat logstash.conf
input {
sqs {
queue => "compute-logs"
polling_frequency => 5
region => "ap-southeast-1"
type => "compute-logs"
}
}
...
output {
elasticsearch {
codec => "json"
hosts => "https://xxxxx.ap-southeast-1.es.amazonaws.com:443"
user => "logstash"
index => "%{name}"
template => "/usr/share/logstash/config/elasticsearch_template.json"
template_name => "logstash"
template_overwrite => true
}
}
[ec2-user@ip-xxxxx logstash]$ ls
elasticsearch_template.json logstash.conf logstash.yml
[ec2-user@ip-xxxxx logstash]$ cat logstash.yml
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline
xpack.monitoring.elasticsearch.url: http://elasticsearch:9200
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: changeme
xpack.monitoring.enabled: false
log.level: error
services:
logstash:
image: docker.elastic.co/logstash/logstash:6.4.2
ports:
- 25000:25000
- 25000:25000/udp
logging:
options:
max-size: "10m"
max-file: "10"
请共享您的日志存储配置文件。添加了@whites11,您仍然可以在日志中看到您的事件吗?真奇怪。你确定logstash确实在使用你的配置文件吗?@whites11你是对的,我把
logstash.conflogstash.jsonlogstash.conf