Download latest version of Logstash from below link and use command to unTar and installation in Linux server or if window just unzip downloaded file.
Download Link : https://www.elastic.co/downloads/logstash
tar -zxvf logstash-5.4.0.tar.gz
It will show below file and directory structure.
drwxr-xr-x 2 facingissuesonit Saurabh 4096 Apr 20 11:27 bin -rw-r--r-- 1 facingissuesonit Saurabh 111569 Mar 22 23:49 CHANGELOG.md drwxr-xr-x 2 facingissuesonit Saurabh 4096 Apr 20 11:27 config -rw-r--r-- 1 facingissuesonit Saurabh 2249 Mar 22 23:49 CONTRIBUTORS drwxr-xr-x 3 facingissuesonit Saurabh 4096 Apr 20 12:07 data -rw-r--r-- 1 facingissuesonit Saurabh 3945 Mar 22 23:55 Gemfile -rw-r--r-- 1 facingissuesonit Saurabh 21544 Mar 22 23:49 Gemfile.jruby-1.9.lock drwxr-xr-x 5 facingissuesonit Saurabh 4096 Apr 20 11:27 lib -rw-r--r-- 1 facingissuesonit Saurabh 589 Mar 22 23:49 LICENSE drwxr-xr-x 2 facingissuesonit Saurabh 4096 May 21 00:00 logs drwxr-xr-x 4 facingissuesonit Saurabh 4096 Apr 20 11:27 logstash-core drwxr-xr-x 3 facingissuesonit Saurabh 4096 Apr 20 11:27 logstash-core-event-java drwxr-xr-x 3 facingissuesonit Saurabh 4096 Apr 20 11:27 logstash-core-plugin-api drwxr-xr-x 3 facingissuesonit Saurabh 4096 Apr 20 11:27 logstash-core-queue-jruby -rw-r--r-- 1 facingissuesonit Saurabh 28114 Mar 22 23:56 NOTICE.TXT drwxr-xr-x 4 facingissuesonit Saurabh 4096 Apr 20 11:27 vendor
Before going to start Logstash need to create configuration file for taking input from different input sources like file, csv, jdbc, json, kafka, filebeat etc. and parse these data in respected fields and send it to output like elasticsearch, file, kafka etc.
Logstash Configuration file will follow below syntax as i have created file logstash-app1.conf in logstash bin directory . Please follow Logstash Tutorial for more Input, Filter and Output plugin Examples.
/bin/logstash-app1.conf
input {
kafka {
....
}
jdbc {
....
}
}
filter
{
//parse log line or data...
grok
{
....
}
}
output {
#Output result sent to elasticsearch
elasticsearch {
....
}
#Sysout to console
stdout
{
codec => rubydebug
}
}
To test your configuration file you can use below command.
./logstash -t -f logstash-app1.conf
If we get result OK means no any syntax, compile time issue with configuation file from above command.Now run below to start reading and parsing data from different sources.
./logstash -f logstash-app1.conf
To run logstash in background follow command as so that when close your console your Logstash process will keep running.
screen -d -m ./logstash -f logstash-app1.conf
Summary
In above detail cover about below points:
- How to Install Logstash on Linux Environment.
- Configuration file Syntax and validation.
- Start Logstash for configuration file.
- Start Logstash on background for configuration file.
Read More
To read more on Logstash Configuration,Input Plugins, Filter Plugins, Output Plugins, Logstash Customization and related issues follow Logstash Tutorial and Logstash Issues.
Hope this blog was helpful for you.
Leave you feedback to enhance more on this topic so that make it more helpful for others.
3 thoughts on “Logstash Installation, Configuration and Start”
You must log in to post a comment.