Questions tagged [logstash]

logstash is a tool for collecting and distributing log events.

logstash is a free and open source tool (Apache 2.0 license) for managing events and logs. It can be used to collect and parse logs and to distribute them to other indexing systems. It has a web interface for searching and drilling into the logs.

260 questions
0
votes
1 answer

Multiple instances of Logstash + Elasticsearch on AWS

I have set up a Cloudformation template to start an instance where Logstash and Elasticsearch (not embedded) are installed. I have standard tcp input configured on Logstash and output it to an Elasticsearch cluster. When I start multiple instances,…
Bastien974
0
votes
2 answers

Java process restarting prematurely under runit

I'm attempting to run Logstash under supervision with runit. My run script for Logstash is simply #!/bin/sh SSL_CERT_DIR=/etc/ssl/certs exec /usr/bin/java -jar /usr/local/bin/logstash.jar agent -f /tmp/logstash.conf --log /var/log/logstash.log If I…
0
votes
0 answers

Configuring LogStash properly w/ nxlog

I'm looking for a good configuration that sends most System, Application and Security events to an output. I would have thought this configuration would work, but it seems that I get no logs from Security at all: define ROOT C:\Program Files…
Henrik
0
votes
1 answer

Log Rotation Causing nxlog Failure

I'm using nxlog to watch two vCenter log files on a Windows Server 2008 system and I have a very simple config to ship messages to Logstash. Nxlog began failing yesterday after a file was rotated. Here's my config: Module …
HarryTruman
0
votes
0 answers

Logstash cloudwatch plugin behavior

We have an ELK stack set up on an ec2 instance that stopped working a month ago and I just got it working again (the problem was credentials with the cloudwatch logstash plugin). What is strange is that it seems to be ingesting logs from over two…
0
votes
1 answer

Can logstash "pull" data?

I have two servers. Server A is running Elasticsearch and Logstash. Server B is running filebeat and is also the server which contains all the logs I'm trying to analyse. Server A is behind a firewall, it can reach out to the internet, but there's…
Aditya K
0
votes
1 answer

How to display the logs of a VM on ELK stack which is running on another VM?

-ELK is running on localhost & successfully getting logs. -Both VMs are on the same server. -OS on both VMs is Ubuntu 18-04 LTS.
Baqir kazmi
0
votes
1 answer

I used elk+redis+filebeat to build the logging platform, and now after redis is replaced by codis, logstash reports???

I used elk+redis+filebeat to build the logging platform, and now after redis is replaced by codis, logstash reports: # [2020-06-18T11:20:54,146][WARN ][logstash.inputs.redis] Redis connection problem {:exception=>#
0
votes
1 answer

Logstash RabbitMQ output plugin

I am new to Logstash and I want to store nginx messages in RabbitMQ queue like this: Nginx logs -(input)-> Logstash -(output)-> RabbitMQ logstash config: filter { grok { match => { "message" => "%{IPORHOST:remote_ip} - %{DATA:user_name}…
0
votes
1 answer

Ship Logs from application server to ELK server with beats

I am building a log analyzer for a production environment. My scenario is, I need to set up elasticsearch, Logstash and kibana on one centos7 server which is going to use ELK server another one is apache server (remote server). I have configured following…
Kumar
0
votes
0 answers

Adding context paths to ELK log analytics?

I'm looking to install the ELK stack on my application server by following the instructions here: I can see you can then access the various ELK services on localhost via certain ports. Is there a way for me to add context paths for the services. Then I…
0
votes
1 answer

Grok filter is not working properly

I have Filebeat-7.1 installed on a Debian server; this Filebeat sends data from files on this Debian server to a server with Logstash 7.6. Here are the config files: Filebeat.yml: #=========================== Filebeat inputs…
Ankit
0
votes
2 answers

Kibana and Logstash: When is a field not a field?

I've enabled the grok filter in our logstash configuration in order to parse logs from HAProxy using the %{HAPROXYHTTP} and %{HAPROXYTCP} patterns. This seems to work great and viewing the details for any log entry from haproxy I can see the various…
larsks
0
votes
1 answer

Can logstash package individual log types into packages and scp them over to a central node?

I am curious whether logstash only processes logs and streams them at the event/line level or can it package all apache access logs for example and send them over zipped up to a central node?
Dan
-1
votes
1 answer

How to display filebeat logs as a single file in kibana?

I have used ELK for displaying my middleware logs in kibana. For that I am using multiline patterns which are mentioned below; after those, logs are displaying separately, like separate expandable. How to display those logs as a single file? As a single…
Shankar