In this post I will explain the very simple setup of Logstash on an EC2 server and a simple configuration that takes an input from a log file and puts it in Elasticsearch.
If you don't already have an Elasticsearch server, see: How to install and configure Elasticsearch in AWS
Step 1: Installation
The first step is getting the installation from the official website:
[root@logstash ~]# wget https://download.elasticsearch.org/logstash/logstash/packages/centos/logstash-1.4.2-1_2c0f5a1.noarch.rpm
Next, install the rpm using yum:
[root@logstash ~]# yum install logstash-1.4.2-1_2c0f5a1.noarch.rpm
Now that was easy… we're done with the installation already.
Step 2: Configuration
For the configuration part, edit the following file:
[root@logstash ~]# vi /etc/logstash/conf.d/logstash.conf
This is the main configuration file of Logstash. Let's put in a simple configuration that takes input from a text file and puts it in our Elasticsearch cluster/server. Append the following lines to the file:
input {
  file {
    path => "/tmp/log.txt"
  }
}
output {
  elasticsearch {
    host => "elasticsearch_cluster_dns_name"
    protocol => "http"
  }
}
Fill in your Elasticsearch hostname after host. If you're using a load balancer, make sure that you put the DNS name of the load balancer. Each new line in the /tmp/log.txt file will be sent to the Elasticsearch server.
Now, for the final step, let's turn the service on:
[root@logstash ~]# service logstash restart
Step 3: Testing
Now let's see if Logstash is really working. Append a few lines to your text file:
[root@logstash ~]# echo "Hello" >> /tmp/log.txt
Do that a couple of times so you have some data in your log.
Now open Elasticsearch in your browser, with /_plugin/head at the end of the URL, as follows:
http://your_elasticsearch_hostname:9200/_plugin/head/
Sample output:
If you did everything OK, that's what you should see.
You can see the message that went into the log and the log name. Congratulations, you have Logstash
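The same test from the command line, as an added example that is not part of the original post: it appends a uniquely tagged line to /tmp/log.txt and polls Elasticsearch until that line is searchable. The function names, the ES_HOST and LOG_FILE variables and the marker format are assumptions made for this example; it also assumes the default logstash-* index names and the Elasticsearch 1.x search response format.

```bash
#!/usr/bin/env bash
# Added example: end-to-end check for the Logstash -> Elasticsearch pipeline.
# Assumptions: log file /tmp/log.txt (from the config above), default
# "logstash-*" index naming, Elasticsearch 1.x search response shape.

LOG_FILE="${LOG_FILE:-/tmp/log.txt}"

# Build a marker made only of lowercase letters and digits so the analyzer
# keeps it as one searchable token.
make_marker() {
  printf 'pipelinecheck%sp%s' "$(date +%s)" "$$"
}

# Extract hits.total from a search response (ES 1.x returns a bare number).
# Prints 0 when the field is missing, e.g. on an error body or empty reply.
hits_total() {
  local total
  total=$(printf '%s' "$1" | sed -n 's/.*"hits":{"total":\([0-9][0-9]*\).*/\1/p')
  printf '%s\n' "${total:-0}"
}

# Append (>>) a marker line, then poll Elasticsearch until it is indexed.
verify_pipeline() {
  local host="$1" marker body i
  marker=$(make_marker)
  echo "$marker" >> "$LOG_FILE"
  for i in 1 2 3 4 5 6; do
    sleep 5
    body=$(curl -s --max-time 5 \
      "http://${host}:9200/logstash-*/_search?q=message:${marker}&size=0")
    if [ "$(hits_total "$body")" -ge 1 ]; then
      echo "OK: ${marker} indexed"
      return 0
    fi
  done
  echo "FAIL: ${marker} not found after 30s" >&2
  return 1
}

# Runs only when ES_HOST is set, e.g. ES_HOST=your_elasticsearch_hostname
if [ -n "${ES_HOST:-}" ]; then
  verify_pipeline "$ES_HOST"
fi
```

A FAIL result with an empty response body points at connectivity to port 9200; a FAIL with a valid response and zero hits points at Logstash not reading or shipping the file.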
Want a full ELK tutorial?
Continue with the Logstash installation: How to install and configure Kibana in AWS
Do we require logstash forwarder in order to send the logs to elasticsearch from logstash?
I am unable to see the logs in the Elasticsearch from Logstash
Hi,
I walked through the steps. Everything went well, but getting 'Gateway error' while accessing the Elasticsearch server through browser. Please help in resolving this issue.
P.S: I am running on single ec2 instance and not using any ELB clusters.