Logstash is an open source tool for collecting, parsing and storing logs for future use. It ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite repository (in this case, Devo).
...
In this article you will learn about:
| Table of Contents | ||||
|---|---|---|---|---|
|
About Logstash configuration files
...
You can get details about each of the parameters contained in this example in the Logstash Reference Guide, but note that:
The port is 13000. This is because the events will be delivered to the relay already tagged and no further processing is required. More about default relay rules here.
The appname parameter is where we specify the Devo tag to apply to these events.
Once you've edited the .conf file, reactivate the configuration with:
...
Again, you can read more about each of the parameters contained in this example in the Logstash Reference Guide, but note that:
The host specifies the address of the Devo Cloud for the region you are using. It should be one of:
USA: collector-us.devo.io
Europe: collector-eu.devo.io
Spain: collector-es.devo.io
The port is 443 because this is the inbound port used for sending to the Devo Cloud.
The appname parameter is where we specify the Devo tag to apply to these events.
Once you've edited the .conf file, reactivate the configuration with:
| Code Block |
|---|
./bin/logstash -f <filename>.conf |
Some configuration examples
Below we provide some sample configuration files for some cases where Logstash can be used to forward events from different kinds of data sources.
| Table of Contents | ||||
|---|---|---|---|---|
|
Forwarding from a database with JDBC
...
In this example, the input section uses the jdbc plugin to collect input:
from a database specified by the jdbc_connection_string parameter
with a frequency defined by the schedule parameter
using the SQL statement set in the statement parameter
Read more about the jdbc input parameters here.
...