Install Logstash 5.0 in Linux

In this article I will cover installation of the Logstash 5.0 in Linux and basic configuration apart from it I will cover validation of Logstash configuration. How Can we start and stop Logstash and verifying that everything is running properly

Let’s start with What is Logstash?

What is Logstash?
Logstash is a data collection engine with real-time pipelining capabilities. You can use Logstash to collect your logs, parse them into your desirable format and store them for searching or monitoring for your application. Logstash latest version has more capabilities other than manage event and logs. Logstash has more than 200 plugins available including flexibility to create your own plugin. These Logstash plugin now facilitates Analysis, Archiving, Monitoring and Alerting features.

Prerequisites:

Logstash requires Java 8. Java 9 is not supported . You can use Official Oracle Distribution or an open-source distribution such as OpenJDK.

Install Logstash 5.0 on RHEL / CentOS 6 and above version through Package Repository

Install Public Signing Key

rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

Add logstash.repo in /etc/yum.repos.d/

[logstash-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Now logstash will be available for installation using yum.

yum install logstash

Install Logstash on Ubuntu

Download and install the Public Signing Key:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Install the apt-transport-https package on Debian before installation.

sudo apt-get install apt-transport-https

Save the repository definition to /etc/apt/sources.list.d/elastic-5.x.list:

echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list

Update the apt-get package

sudo apt-get update

Now your repository is ready for use. You can install apt-get like this

sudo apt-get install logstash

Create a Basic Logstash Configuration

You can create basic logstash configuration in your project directory as well and pass this conf file using -f option. I have create this conf in /home/prod/logstash/logstash-simple.conf.
logstash-simple.conf

input { stdin { } }
output {
elasticsearch { hosts => ["localhost:9200"] }
stdout { codec => rubydebug }
}

Validate logstash conf file from -config-test. This option has been added on logstash-2.1.

Config test on Centos 6

/opt/logstash/bin/logstash --configtest -f /home/prod/logstash/logstash-jdbc.conf

Start Logstash

sudo service logstash start
(Visited 173 times, 4 visits today)