How to set up Logstash?

From PheonixSolutions

Step 1: Logstash requires Java to run. You can install OpenJDK using the following commands.

 sudo apt update
 sudo apt install openjdk-8-jre-headless

Step 2: Add the Elastic GPG key to verify the packages during installation:

 wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Step 3: Add the Elastic APT repository to your system's software sources.

 echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

Step 4: Update the package list and install Logstash:

 sudo apt update
 sudo apt install logstash

Step 5: Create the Logstash configuration file /etc/logstash/conf.d/my-config.conf. You can use the following example and modify it as needed.

 # Read events from a log file
 input {
   file {
     path => "/path/to/your/log/file.log"
     start_position => "beginning"
   }
 }
 # Send events to the local Elasticsearch node, one index per day
 output {
   elasticsearch {
     hosts => ["http://localhost:9200"]
     index => "logs-%{+YYYY.MM.dd}"
   }
 }

Step 6: Start the Logstash service and enable it:

 sudo systemctl start logstash
 sudo systemctl enable logstash
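
Before starting the service in Step 6, the pipeline file from Step 5 can be checked for structural errors such as a stray closing brace or an unterminated string. The script below is an added example, not part of the original page; the function names, the `LOGSTASH_BIN` variable and the Debian package paths are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page: pre-flight check for a pipeline file.
# Assumptions: Debian package paths below; strings are double-quoted and stay on
# one line (a heuristic, not a full parser of the Logstash config language).
LOGSTASH_BIN="${LOGSTASH_BIN:-/usr/share/logstash/bin/logstash}"
# check_structure FILE: report stray or unclosed braces and unterminated strings;
# braces inside strings (such as "%{+YYYY.MM.dd}") and after # are ignored.
check_structure() {
  awk '
  {
    inq = 0; n = length($0)
    for (i = 1; i <= n; i++) {
      c = substr($0, i, 1)
      if (inq) {
        if (c == "\\") i++                # skip the escaped character
        else if (c == "\"") inq = 0
      } else if (c == "#") break          # comment runs to end of line
      else if (c == "\"") inq = 1
      else if (c == "{") depth++
      else if (c == "}") {
        if (--depth < 0) {
          printf("%s:%d: unexpected }\n", FILENAME, NR) > "/dev/stderr"
          bad = 1; depth = 0
        }
      }
    }
    if (inq) {
      printf("%s:%d: unterminated string\n", FILENAME, NR) > "/dev/stderr"
      bad = 1
    }
  }
  END {
    if (depth > 0) {
      printf("%s: %d unclosed {\n", FILENAME, depth) > "/dev/stderr"
      bad = 1
    }
    exit (bad ? 1 : 0)
  }' "$1"
}
# preflight FILE: structural check, then Logstash's own parser when installed.
preflight() {
  [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
  check_structure "$1" || return 1
  if [ -x "$LOGSTASH_BIN" ]; then
    # Run as the service account so the test leaves no root-owned files behind.
    sudo -u logstash "$LOGSTASH_BIN" --path.settings /etc/logstash \
      --config.test_and_exit -f "$1" || return 1
  fi
}
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

A non-zero exit status means the file should be corrected before Logstash is started.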