What is Logstash?

Logstash is a data collection engine with real-time pipelining capabilities. You can use Logstash to collect your logs, parse them into your desirable format and store them for searching or monitoring for your application. Logstash latest version has more capabilities other than manage event and logs. Logstash has more than 200 plugins available including flexibility to create your own plugin. These Logstash plugin now facilitates Analysis, Archiving, Monitoring and Alerting features.

Install Logstash in RHEL / CentOS

Prerequisites:

Logstash requires Java 8. Java 9 is not supported . You can use Official Oracle Distribution or an open-source distribution such as OpenJDK.

Install Public Signing Key

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Add logstash.repo file in /etc/yum.repos.d/

/etc/yum.repos.d/logstash.repo

[logstash-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Now logstash will be available for installation using yum.

yum install logstash
(Visited 226 times, 12 visits today)