Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching).
What is Logstash? Why use Logstash? How do you use Logstash?
Installation
Configuring the package repository
rpm --import http://packages.elasticsearch.org/GPG-KEY-elasticsearch
cat > /etc/yum.repos.d/logstash.repo <<EOF
[logstash-5.0]
name=logstash repository for 5.0.x packages
baseurl=http://packages.elasticsearch.org/logstash/5.0/centos
gpgcheck=1
gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch
enabled=1
EOF
yum clean all
yum install logstash
You can also visit https://www.elastic.co/downloads/logstash to find the package for your operating system and version.
Running
bin/logstash -e 'input{stdin{}}output{stdout{codec=>rubydebug}}'
Result
{
"message" => "Hello World",
"@version" => "1",
"@timestamp" => "2014-08-07T10:30:59.937Z",
"host" => "raochenlindeMacBook-Air.local",
}
plugin
Usage:
bin/plugin [OPTIONS] SUBCOMMAND [ARG] ...
Parameters:
SUBCOMMAND subcommand
[ARG] ... subcommand arguments
Subcommands:
install Install a plugin
uninstall Uninstall a plugin
update Install a plugin
list List all installed plugins
Options:
-h, --help print help
The Filebeat client can collect log files on the server and ship them to a Logstash instance.