IP - 172.17.20.100
Host - linuxtopic.com
Logstash default port - 5000
Step 1:
Update system
yum update
Install Java & curl
yum install java
Check Java Version
java -version
Step 2:
Downloading and Installing Logstash
Method 1 : Download & Install RPM Manually
cd /opt
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.1.1.rpm
rpm -ivh logstash-6.1.1.rpm
Method 2 : Install using YUM Repo
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
echo "[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md" > /etc/yum.repos.d/logstash6.repo
yum install logstash
Directory Layout of Debian and RPM Packages
The Debian package and the RPM package each place config files, logs, and the settings files in the appropriate locations for the system:
Settings Files:
logstash.yml - Contains Logstash configuration flags
jvm.options - Contains JVM configuration flags
startup.options - Contains options used by the system-install script in /usr/share/logstash/bin
Step 3:
Configure Logstash: Creating a simple config file and using it to run Logstash
echo "input {
beats {
port => 5044
#ssl => true
#ssl_certificate => \"/etc/pki/tls/certs/logstash-forwarder.crt\"
#ssl_key => \"/etc/pki/tls/private/logstash-forwarder.key\"
}
}" > /etc/logstash/conf.d/logstash-input.conf
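Here we define the port the Beats input listens on. The commented ssl, ssl_certificate and ssl_key lines are where the TLS certificate and key are set once they are uncommented.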
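As written, the input block above leaves the ssl lines commented out, so the Beats listener accepts plaintext connections. The following is an added example (not part of the original article): a shell function that reports the port and TLS state of each beats input in a pipeline file. The names audit_beats_tls, sample_plain and sample_tls are hypothetical, and the sample config is constructed from the block above.

```shell
#!/bin/sh
# Added example: audit Logstash beats inputs for TLS. Names are hypothetical.

# audit_beats_tls [FILE...] - reads the files (or stdin) and prints one line
# per beats block: "port=<n> ssl=<on|off>".
# Simplification: everything after '#' is treated as a comment.
audit_beats_tls() {
    awk '
        { sub(/#.*/, "") }   # "#ssl => true" must not count as enabled
        !inb && match($0, /beats[ \t]*[{]/) {
            $0 = substr($0, RSTART)          # ignore text before "beats {"
            inb = 1; depth = 0; port = "?"; ssl = "off"
        }
        inb {
            if (match($0, /port[ \t]*=>[ \t]*[0-9]+/)) {
                p = substr($0, RSTART, RLENGTH); gsub(/[^0-9]/, "", p); port = p
            }
            # matches "ssl => true" but not ssl_certificate / ssl_key
            if ($0 ~ /(^|[ \t])ssl[ \t]*=>[ \t]*true/) ssl = "on"
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth <= 0) { print "port=" port " ssl=" ssl; inb = 0 }
        }
    ' "$@"
}

# Constructed sample: the input block from this article, TLS lines commented.
sample_plain() {
cat <<'EOF'
input {
  beats {
    port => 5044
    #ssl => true
    #ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
    #ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
  }
}
EOF
}

# Constructed sample: the same block with the three ssl lines uncommented.
sample_tls() { sample_plain | sed 's/#ssl/ssl/'; }

sample_plain | audit_beats_tls   # port=5044 ssl=off
sample_tls   | audit_beats_tls   # port=5044 ssl=on
```

To check the files created in this step, run audit_beats_tls /etc/logstash/conf.d/*.conf before starting the service.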
echo "output {
elasticsearch {
hosts => [\"172.17.20.100:9200\"]
sniffing => true
index => \"%{[@metadata][beat]}-%{+YYYY.MM.dd}\"
}
}" > /etc/logstash/conf.d/logstash-output.conf
Here we define the Elasticsearch host and port.
Create logstash filter file
echo "filter {
if [type] == \"syslog\" {
grok {
match => { \"message\" => \"%{SYSLOGLINE}\" }
}
date {
match => [ \"timestamp\", \"MMM d HH:mm:ss\", \"MMM dd HH:mm:ss\" ]
}
}
}" > /etc/logstash/conf.d/logstash-filter.conf
chmod +x /etc/logstash/conf.d/logstash-*
Start Logstash & enable at boot
systemctl start logstash
systemctl enable logstash
To stop logstash
systemctl stop logstash