Logstash is a light-weight, open-source, server-side data processing pipeline that allows you to collect data from a variety of sources, transform it on the fly, and send it to your desired destination. It is most often used as a data pipeline for Elasticsearch, an open-source analytics and search engine. Logstash integrates with Elasticsearch and has over 200 pre-built open-source plugins that can help to index your data.
The official Logstash Docker image is around 800 MB in size.
docker pull docker.elastic.co/logstash/logstash:7.8.0
docker run --rm -it -v ~/pipeline/:/usr/share/logstash/pipeline/ docker.elastic.co/logstash/logstash:7.8.0
- Docker Logstash configurations:
- Pipeline configurations:
- Review homepage: https://www.elastic.co/logstash
- Review Logstash logs
- docker run --log-driver=syslog --log-opt syslog-address=tcp://<logstash-system-ip>:5000 hello-world
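A pipeline file that would receive the Docker syslog-driver traffic from the command above, shown as an added example that is not part of the original page or of Elastic's documentation. It assumes the file is saved in the mounted `~/pipeline/` directory under the hypothetical name `docker-syslog.conf` and that the Logstash container is started with port 5000 published (for example by adding `-p 5000:5000` to the `docker run` line).

```logstash
# ~/pipeline/docker-syslog.conf  (hypothetical file name, added example)
input {
  tcp {
    # Matches --log-opt syslog-address=tcp://<logstash-system-ip>:5000
    port => 5000
    type => "docker-syslog"
    # This listener is plaintext and unauthenticated: any host that can
    # reach the port can inject events. Restrict it to trusted networks.
  }
}

filter {
  if [type] == "docker-syslog" {
    grok {
      # Split off the leading <PRI> value and keep the rest of the line.
      match => { "message" => "^<%{NONNEGINT:syslog_pri:int}>%{GREEDYDATA:syslog_message}" }
      # Lines without a <PRI> prefix did not come from a syslog sender.
      tag_on_failure => ["_not_syslog"]
    }
    if "_not_syslog" not in [tags] {
      # Decode the numeric priority into facility and severity fields.
      syslog_pri { }
    }
  }
}

output {
  # Print parsed events to the container console for inspection.
  stdout { codec => rubydebug }
}
```

Events tagged `_not_syslog` are worth reviewing, since they indicate something other than the Docker log driver is writing to the port.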
logstash (command), Logstash: docker run
Kibana, AWS Elasticsearch, Elastic SIEM, Elastic Beats, journalbeat, Elasticsearch Service, Search Guard, Elasticsearch logs, Elasticsearch release notes, Curator, ILM, Lumberjack protocol
- Logs, Linux logging, docker logs, Vector, Logstash, Filebeat, promtail, logfmt, Elasticsearch, fluentd