Answer the question
In order to leave comments, you need to log in
V
V
voe2016-11-18 09:54:07
voe, 2016-11-18 09:54:07
Do I understand correctly that you need to raise a separate instance of logstash on each server?
Setting up log collection based on ELK, the question arose of how to place and configure logstash in accordance with the logic of the ELK developers?
1. Suppose I have 5 (with different services and, accordingly, with different types of logs) servers from which I need to send logs, for example, via Beats, do I need to raise logstash on each server or configure one logstash that will receive streams from 5 different servers?
2. Are they the same for logstash in the input, filter and output sections of logstash ? those. can I create multiple configs that fully define unique input, filter and output ?
1 answer(s)
@voe
M
Max, 2016-11-18 @voe
1. No. IMHO bits can send and not to the local host. so send for 1 common logstash.
2. yes, one. If you want to bind different sources to different filters and different output - use
input {
file {
type => "my_type"
}
filter {
if [type] == "my_type" {}
}
output {
if [type] == "my_type" {}
}
Similar questions
S
T
A
M
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question