Facebooktwittergoogle_plusredditpinterestlinkedinmail

Install Logstash 5.0 in Linux

In this article I will cover installation of the Logstash 5.0 in Linux and basic configuration apart from it I will cover validation of Logstash configuration. How Can we start and stop Logstash and verifying that everything is running properly

Let’s start with What is Logstash?

What is Logstash?
Logstash is a data collection engine with real-time pipelining capabilities. You can use Logstash to collect your logs, parse them into your desirable format and store them for searching or monitoring for your application. Logstash latest version has more capabilities other than manage event and logs. Logstash has more than 200 plugins available including flexibility to create your own plugin. These Logstash plugin now facilitates Analysis, Archiving, Monitoring and Alerting features.

Prerequisites:

Logstash requires Java 8. Java 9 is not supported . You can use Official Oracle Distribution or an open-source distribution such as OpenJDK.

Install Logstash 5.0 on RHEL / CentOS 6 and above version through Package Repository

Install Public Signing Key

rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

Add logstash.repo in /etc/yum.repos.d/

[logstash-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Now logstash will be available for installation using yum.

yum install logstash

Install Logstash on Ubuntu

Download and install the Public Signing Key:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Install the apt-transport-https package on Debian before installation.

sudo apt-get install apt-transport-https

Save the repository definition to /etc/apt/sources.list.d/elastic-5.x.list:

echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list

Update the apt-get package

sudo apt-get update

Now your repository is ready for use. You can install apt-get like this

sudo apt-get install logstash

Create a Basic Logstash Configuration

You can create basic logstash configuration in your project directory as well and pass this conf file using -f option. I have create this conf in /home/prod/logstash/logstash-simple.conf.
logstash-simple.conf

input { stdin { } }
output {
elasticsearch { hosts => ["localhost:9200"] }
stdout { codec => rubydebug }
}

Validate logstash conf file from -config-test. This option has been added on logstash-2.1.

Config test on Centos 6

/opt/logstash/bin/logstash --configtest -f /home/prod/logstash/logstash-jdbc.conf

Start Logstash

sudo service logstash start
How to install Logstash in Linuxhttp://techieroop.com/wp-content/uploads/2016/01/How-to-Install-Logstash-in-Linux.pnghttp://techieroop.com/wp-content/uploads/2016/01/How-to-Install-Logstash-in-Linux-150x150.png Roopendra DevOPSLogstash,,
Install Logstash 5.0 in Linux In this article I will cover installation of the Logstash 5.0 in Linux and basic configuration apart from it I will cover validation of Logstash configuration. How Can we start and stop Logstash and verifying that everything is running properlyLet's start with What is Logstash?What...
<h3>Install Logstash 5.0 in Linux</h3> In this article I will cover installation of the <strong>Logstash</strong> 5.0 in Linux and basic configuration apart from it I will cover validation of <strong>Logstash</strong> configuration. How Can we start and stop Logstash and verifying that everything is running properlyLet's start with What is Logstash?<strong>What is Logstash?</strong> <strong>Logstash</strong> is a data collection engine with real-time pipelining capabilities. You can use Logstash to collect your logs, parse them into your desirable format and store them for searching or monitoring for your application. Logstash latest version has more capabilities other than manage event and logs. Logstash has more than 200 plugins available including flexibility to create your own plugin. These Logstash plugin now facilitates <em><strong>Analysis, Archiving, Monitoring </strong></em>and <em><strong>Alerting</strong></em> features.<strong>Prerequisites:</strong>Logstash requires Java 8. Java 9 is not supported . You can use <a href="http://www.oracle.com/technetwork/java/javase/downloads/index.html">Official Oracle Distribution</a> or an open-source distribution such as <a class="ulink" href="http://openjdk.java.net/" target="_top">OpenJDK</a>. <h3>Install Logstash 5.0 on RHEL / CentOS 6 and above version through Package Repository</h3> Install Public Signing Key <pre>rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch</pre> Add logstash.repo in /etc/yum.repos.d/ <pre class="programlisting prettyprint lang-sh prettyprinted"><span class="pun">[</span><span class="pln">logstash</span><span class="pun">-</span><span class="lit">5.x</span><span class="pun">]</span><span class="pln"> name</span><span class="pun">=</span><span class="typ">Elastic</span><span class="pln"> repository </span><span class="kwd">for</span> <span class="lit">5.x</span><span class="pln"> packages baseurl</span><span class="pun">=</span><span class="pln">https</span><span class="pun">://</span><span class="pln">artifacts</span><span class="pun">.</span><span class="pln">elastic</span><span class="pun">.</span><span class="pln">co</span><span class="pun">/</span><span class="pln">packages</span><span class="pun">/</span><span class="lit">5.x</span><span class="pun">/</span><span class="pln">yum gpgcheck</span><span class="pun">=</span><span class="lit">1</span><span class="pln"> gpgkey</span><span class="pun">=</span><span class="pln">https</span><span class="pun">://</span><span class="pln">artifacts</span><span class="pun">.</span><span class="pln">elastic</span><span class="pun">.</span><span class="pln">co</span><span class="pun">/</span><span class="pln">GPG</span><span class="pun">-</span><span class="pln">KEY</span><span class="pun">-</span><span class="pln">elasticsearch enabled</span><span class="pun">=</span><span class="lit">1</span><span class="pln"> autorefresh</span><span class="pun">=</span><span class="lit">1</span><span class="pln"> type</span><span class="pun">=</span><span class="pln">rpm</span><span class="pun">-</span><span class="pln">md</span></pre> Now logstash will be available for installation using yum. <pre>yum install logstash</pre> <h3>Install Logstash on Ubuntu</h3> Download and install the Public Signing Key: <div class="pre_wrapper"> <div class="pre_wrapper"> <pre class="programlisting prettyprint lang-sh prettyprinted"><span class="pln">wget </span><span class="pun">-</span><span class="pln">qO </span><span class="pun">-</span><span class="pln"> https</span><span class="pun">://</span><span class="pln">artifacts</span><span class="pun">.</span><span class="pln">elastic</span><span class="pun">.</span><span class="pln">co</span><span class="pun">/</span><span class="pln">GPG</span><span class="pun">-</span><span class="pln">KEY</span><span class="pun">-</span><span class="pln">elasticsearch </span><span class="pun">|</span><span class="pln"> sudo apt</span><span class="pun">-</span><span class="pln">key add </span><span class="pun">-</span></pre> </div> </div> Install the <code class="literal">apt-transport-https</code> package on Debian before installation. <pre class="programlisting prettyprint lang-sh prettyprinted"><span class="pln">sudo apt</span><span class="pun">-</span><span class="pln">get install apt</span><span class="pun">-</span><span class="pln">transport</span><span class="pun">-</span><span class="pln">https</span></pre> Save the repository definition to <code class="literal">/etc/apt/sources.list.d/elastic-5.x.list</code>: <div class="pre_wrapper"> <div class="pre_wrapper"> <pre class="programlisting prettyprint lang-sh prettyprinted"><span class="pln">echo </span><span class="str">"deb https://artifacts.elastic.co/packages/5.x/apt stable main"</span> <span class="pun">|</span><span class="pln"> sudo tee </span><span class="pun">-</span><span class="pln">a </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">apt</span><span class="pun">/</span><span class="pln">sources</span><span class="pun">.</span><span class="pln">list</span><span class="pun">.</span><span class="pln">d</span><span class="pun">/</span><span class="pln">elastic</span><span class="pun">-</span><span class="lit">5.x</span><span class="pun">.</span><span class="pln">list</span></pre> </div> </div> Update the apt-get package <pre>sudo apt-get update</pre> Now your repository is ready for use. You can install apt-get like this <pre>sudo apt-get install logstash</pre> <h4>Create a Basic Logstash Configuration</h4> You can create basic logstash configuration in your project directory as well and pass this conf file using -f option. I have create this conf in /<strong>home/prod/logstash/logstash-simple.conf</strong>. <strong>logstash-simple.conf</strong> <pre>input { stdin { } } output { elasticsearch { hosts => ["localhost:9200"] } stdout { codec => rubydebug } }</pre> Validate logstash conf file from<em> -config-test</em>. This option has been added on <em>logstash-2.1</em>.<strong>Config test on Centos 6</strong> <pre>/opt/logstash/bin/logstash --configtest -f /home/prod/logstash/logstash-jdbc.conf</pre> <strong>Start Logstash</strong> <pre>sudo service logstash start</pre>
(Visited 1,783 times, 149 visits today)
Facebooktwittergoogle_pluslinkedinrss