Logstash

Introduction

...

Deploy With Binary

Quick Start

# 1.download and decompression
https://www.elastic.co/downloads/logstash

# 2.configure
touch config/logstash.conf
vim config/logstash.conf

# 3.run
bin/logstash -f logstash.conf

Config and Boot

[[sc-logstash|Logstash config]]

# boot 
cat > /usr/lib/systemd/system/logstash.service << "EOF"
[Unit]
Description=logstash
Documentation=https://www.elastic.co
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=logstash
Group=logstash
EnvironmentFile=-/etc/default/logstash
ExecStart=/opt/logstash/bin/logstash "--path.settings" "/opt/logstash/config" "--path.logs" "/opt/logstash/logs" -f /opt/logstash/config/conf.d/logstash.conf
Restart=always
WorkingDirectory=/opt/logstash
Nice=19
LimitNOFILE=65535
TimeoutStopSec=infinity

[Install]
WantedBy=multi-user.target
EOF

# permission
chown logstash:logstash /opt/logstash -R

systemctl daemon-reload
systemctl start .service
systemctl enable .service

Deploy With Container

Run by Resource

# https://docs.fluentd.org/container-deployment/kubernetes

Run in Kubernetes

# add and update repo
helm repo add elastic https://helm.elastic.co
helm update

# get charts package
helm pull elastic/logstash --untar
cd logstash

# configure and run
vim values.yaml
logstashPipeline:
  logstash.conf: |
    input {
      exec {
        command => "uptime"
        interval => 30
      }
    }
    output { stdout { } }
...

helm -n logging install logstash .

Reference:

1. Official Website
2. Repository
3. apt installing