How to install logstash on centos

We will learn how to install Logstash on CentOS. Logstash is an open-source tool used to manage events and logs and to process the logs.

Logstash :-

1. Install Java on the machine :-
sudo yum -y install java-1.8.0-openjdk
2. Use the command below to install Logstash :-
sudo rpm --import

3. Create the repo file :-
vim /etc/yum.repos.d/elasticsearch.repo
name=Elastic repository for 6.x packages

4. Install the package from the Logstash repo file :-
sudo yum install logstash -y
You can also Install from here link

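5. Add the entries below to the following files :-
vim /etc/logstash/conf.d/logstash-syslog-filter.conf
filter {
  # Only events tagged type "syslog" by the input are parsed
  if [type] == "syslog" {
    # Split the raw line into timestamp, host, program, optional PID and message
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
      add_field => [ "received_at", "%{@timestamp}" ]
      add_field => [ "received_from", "%{host}" ]
    }
    # Use the timestamp from the log line as the event time
    date {
      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}

vim /etc/logstash/conf.d/logstash-syslog.conf
# Read the local log files and mark every line as type "syslog"
input {
  file {
    path => [ "/var/log/nginx/*.log", "/var/log/messages", "/var/log/syslog" ]
    type => "syslog"
  }
}
# Send the parsed events to the local Elasticsearch node
output {
    elasticsearch {
        hosts => ["localhost:9200"]
    }
}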
6. Restart and Enable the Logstash Service :-
service logstash restart
service logstash status
systemctl enable logstash
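
The following added example (not part of the original post) approximates the grok pattern from step 5 with a Python regular expression, to show which fields it extracts and what happens to lines that do not match, such as nginx access-log lines read by the same input. The regex is a simplified stand-in for the real grok definitions, and the sample lines, host name and timestamp are constructed.

```python
import re

# Hand-written approximation of the grok pattern in logstash-syslog-filter.conf.
# The real SYSLOGTIMESTAMP / SYSLOGHOST / POSINT definitions are stricter.
SYSLOG_RE = re.compile(
    r"(?P<syslog_timestamp>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<syslog_hostname>[\w.:-]+) "
    r"(?P<syslog_program>.*?)(?:\[(?P<syslog_pid>[1-9]\d*)\])?: "
    r"(?P<syslog_message>.*)"
)

def apply_syslog_filter(event):
    """Mimic the filter block: grok the message, tag events that do not match."""
    out = dict(event)
    if out.get("type") != "syslog":
        return out  # the conditional skips every other type
    m = SYSLOG_RE.search(out["message"])  # grok is unanchored, hence search()
    if m is None:
        # Logstash's default failure tag; no syslog_* fields are created
        out.setdefault("tags", []).append("_grokparsefailure")
        return out
    out.update({k: v for k, v in m.groupdict().items() if v is not None})
    # add_field is applied only when the grok match succeeds
    out["received_at"] = out.get("@timestamp")
    out["received_from"] = out.get("host")
    return out

# Constructed sample lines (not from the original page)
SAMPLES = [
    "Sep 22 10:15:01 web01 sshd[2211]: Failed password for invalid user admin "
    "from 203.0.113.7 port 50122 ssh2",
    "Sep  2 03:04:05 web01 kernel: device eth0 entered promiscuous mode",
    '203.0.113.7 - - [22/Sep/2018:10:15:01 +0000] "GET /login HTTP/1.1" 200 612',
]

def run_samples():
    """Run each constructed line through the filter as a type "syslog" event."""
    base = {"type": "syslog", "host": "web01", "@timestamp": "2018-09-22T10:15:02Z"}
    return [apply_syslog_filter({**base, "message": line}) for line in SAMPLES]

if __name__ == "__main__":
    for ev in run_samples():
        print(ev.get("tags", "parsed"), ev.get("syslog_program"), ev.get("syslog_pid"))
```

Because the input labels /var/log/nginx/*.log as type "syslog", access-log lines reach Elasticsearch tagged _grokparsefailure and without the syslog_* fields, so searches on those fields will not see them.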

Reviewed by Unknown on September 22, 2018
