1. There is a pit in upgrading logstash to logstash-5.3.1
. The original version 5.0.0 was used. If the client log4j cannot connect, it will report: socket write error. Just after the upgrade.
2. input configuration
input{ log4j { host => "192.168.3.143" port => 4560 } }
3. Apply log4j.properties configuration
log4j.appender.logstash=org.apache.log4j.net.SocketAppender log4j.appender.logstash.Port=4560 log4j.appender.logstash.RemoteHost=192.168.3.143 log4j.appender.logstash.ReconnectionDelay=60000 #LocationInfo=true: Output java file name and line number, the default value is false log4j.appender.logstash.LocationInfo=true log4j.appender.logstash.Threshold=INFO