Basic Flow of Logstash?
LS Agent(s) (Installed on App Server(s)) --> RabbitMQ --> LS Server --> Elasticsearch Server <-- Kibana <-- end user.
So which scripting language is recommended to parse the logs or data?
There is a bunch of plugins for logstash but mostly we use the grok filter.
It takes grok expressions which can be the special grok or even ruby regexes with named captures.
If you need help building patterns to match your logs, you will find the http://grokdebug.herokuapp.com and http://grokconstructor.appspot.com/ applications quite useful!
We need to include Puppet in setup or we can manage with out puppet?
Puppet manages LS Agents on all servers. We create filters and apply them based off the server hostgroup and also input files.
Videos on Logstash:
Download Logstash:
No comments:
Post a Comment