Outline-Logstash

Introducing Logstash

Input Mechabisms

• TCP/UDP
• Files
• Syslog
• Microsoft Windows Eventlog
• STDIN (Standard Input)
• other

Output Mechanisms

• TCP/UDP
• Email
• Files
• HTTP
• Nagios

Design and architecture

• Message-base architecture
• Single agent to perform different function

Four components

• Shipper: Sends events to Logstash.
• Broker and Indexer: Receives and indexes the events.
• Search and Storage: Search and store events.
• Web interface: Web based interface to logstash called Kibana

Four components can run independently.

Structure

Logstash Resource

• The Logstash Site
• The Logstash book
• The Logstash Issues