{"id":2672,"date":"2018-08-28T05:50:09","date_gmt":"2018-08-28T11:50:09","guid":{"rendered":"https:\/\/www.supportpro.com\/blog\/?p=2672"},"modified":"2026-04-05T22:03:44","modified_gmt":"2026-04-06T04:03:44","slug":"logstash","status":"publish","type":"post","link":"https:\/\/www.supportpro.com\/blog\/logstash\/","title":{"rendered":"Logstash"},"content":{"rendered":"\n

Logstash (Log collection engine) collects Logs and events data, Parse and Transform. It is a tool for managing events and logs. Logstash is a system of log collection, processing, storage and searching activities. Basically, it collects, processes, and forwards events and log messages. The Collection can be completed via configuring the “Input plugins” including raw socket\/packet communication, file tailing, and several message bus clients. Once an input plugin has collected data it can be processed by any number of filters which modify and give an explanation of the event data. Finally, logstash will route the event data to output plugins which can forward the events to a variety of external programs including Elasticsearch, local files and several message bus implementations.<\/p>\n\n\n\n

A Logstash pipeline has two required elements, input and output, and one optional element, filter. The input plugins consume data from a source, the filter plugins modify the data as you specify, and the output plugins write the data to a destination.<\/p>\n\n\n\n

 <\/p>\n\n\n\n

\"Image<\/figure>\n\n\n\n

 <\/p>\n\n\n\n

Logstash can collect logs from sources using input plugins, process the data into a common format using filters, and stream data using output plugins. It accepts data from all shapes and size of data. Logstash will move the data and store it into different storage for further analysis. Check the below-given image for further information:\u00a0<\/p>\n\n\n\n

1. For analysis, we can use datastore like MongoDB or elasticsearch
2. For archiving we can store data in the s3\/Google storage
3. For monitoring, we can use Nagios\/Graphite<\/p>\n\n\n\n

Logstash Plug-ins<\/span><\/strong><\/h3>\n\n\n\n

Logstash has a collection of input, filter and output plugins.<\/p>\n\n\n\n

Input Plugins: <\/b> Enables ‘event’ that can be read by logstash<\/span><\/p>\n\n\n\n

Filter Plugins: <\/b> Performs processing of an event<\/span><\/p>\n\n\n\n

Output Plugins<\/b>: S<\/span>ends event data to a different destination<\/span><\/p>\n\n\n\n

Logstash pipeline: <\/b> Basic configuration syntax of the logstash pipeline<\/span><\/p>\n\n\n\n