Mitesh Shah

Linux Expert | Automation Enthusiast | Security Consultant


How to Install Logstash

Overview

Logstash

  • Logstash is a tool for managing events and logs.
  • You can use it to collect logs, parse them, and store them for later use (for example, for searching).
  • If you store them in Elasticsearch, you can view and analyze them with Kibana.

Install Logstash on Debian/Ubuntu

Download and install the Public Signing Key

$ wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Set up the repository

$ echo "deb http://packages.elastic.co/logstash/2.1/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elk.list

Install Logstash

$ sudo apt-get update && sudo apt-get install logstash

Configure Logstash to automatically start during bootup

# Debian 8
$ sudo /bin/systemctl daemon-reload
$ sudo /bin/systemctl enable logstash.service

# Ubuntu
$ sudo update-rc.d logstash defaults 95 10

Install Logstash on CentOS

Download and install the Public Signing Key

$ sudo rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

Set up the repository

$ sudo vim /etc/yum.repos.d/elk.repo

Add the following to the file:

[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1

Install Logstash

$ sudo yum install logstash

Configure Logstash to automatically start during bootup

$ sudo /sbin/chkconfig logstash on
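
The repository file created in the CentOS steps decides how much the package manager verifies before it installs Logstash. The script below is an added example, not part of the original post: audit_repo is a hypothetical helper that flags sections of a yum .repo file where signature checking is off, no key is configured, or the key or packages travel over plain HTTP. The sample file and its host name are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_repo FILE: print one finding per weak setting in a yum .repo file.
# Exit status is 1 if anything was reported, 0 otherwise.
audit_repo() {
    awk '
        function report() {
            if (section == "") return
            if (gpgcheck != "1") { print section ": gpgcheck is not set to 1"; bad++ }
            if (gpgkey == "") {
                print section ": no gpgkey configured"; bad++
            } else if (gpgkey ~ /^http:/) {
                print section ": gpgkey is fetched over plain HTTP"; bad++
            }
            if (baseurl ~ /^http:/) {
                print section ": baseurl is plain HTTP, integrity rests on gpgcheck alone"; bad++
            }
        }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        /^\[/ { report(); section = $0; gpgcheck = gpgkey = baseurl = ""; next }
        {
            i = index($0, "=")                  # split on the first "=" only
            if (i == 0) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == "gpgcheck") gpgcheck = v
            if (k == "gpgkey") gpgkey = v
            if (k == "baseurl") baseurl = v
        }
        END { report(); exit (bad > 0 ? 1 : 0) }
    ' "$1"
}

# Constructed sample input: one weak section and one hardened section.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[example-weak]
baseurl=http://repo.example.invalid/centos
gpgcheck=1
gpgkey=http://repo.example.invalid/GPG-KEY

[example-hardened]
baseurl=https://repo.example.invalid/centos
gpgcheck=1
gpgkey=https://repo.example.invalid/GPG-KEY
EOF
audit_repo "$sample" || echo "review the findings above before enabling the repository"
rm -f "$sample"
```

Run it against every file in /etc/yum.repos.d/ before the install step; a non-zero exit status means at least one section needs attention.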



