
Install Logstash

Logstash is an open source data collection engine. It's designed to ingest data, usually logs. It can enhance or filter the data, and then forward it to a permanent back-end storage facility.

Make sure that all of the latest patches are installed.

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot

Configure the firewall to allow SSH and the Beats input port (5044/tcp):

sudo ufw allow ssh
sudo ufw allow 5044/tcp
sudo ufw enable

Install Java.

Add the Elasticsearch signing key and the Logstash package repository:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
 
cat > /tmp/logstash.list << EOF
deb https://packages.elastic.co/logstash/2.3/debian stable main
EOF
 
sudo mv /tmp/logstash.list /etc/apt/sources.list.d/
 
sudo apt-get update
 
sudo apt-get install logstash

If you are using Elasticsearch as the back-end storage, create the following configuration file:

cat > /tmp/beats.conf << EOF
input {
    beats {
        port => "5044"
    }
}
 
output {
    elasticsearch {
        hosts => ["192.168.0.20:9200"]
        index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
        document_type => "%{[@metadata][type]}"
    }
}
EOF
 
sudo cp /tmp/beats.conf /etc/logstash/conf.d/

Then enable and start the service:

sudo systemctl enable logstash
 
sudo service logstash start
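
The firewall rule and Beats input above accept unencrypted, unauthenticated connections on 5044/tcp from any source. As an added example (not from the original page), the functions below write a TLS-enabled variant of beats.conf, check whether an existing file enables TLS on its beats input, and narrow the firewall rule to one subnet; the certificate paths, the subnet and the function names are assumptions, and `ssl`, `ssl_certificate` and `ssl_key` are the option names of the beats input plugin in Logstash 2.x.

```shell
#!/bin/sh
# Added example, not from the original page. Paths and subnet are assumptions.

# Write a beats input that requires TLS; the output block mirrors the page's.
write_beats_tls_conf() {   # $1=output file  $2=server cert  $3=server key
    cat > "$1" << EOF
input {
    beats {
        port => 5044
        ssl => true
        ssl_certificate => "$2"
        ssl_key => "$3"
    }
}

output {
    elasticsearch {
        hosts => ["192.168.0.20:9200"]
        index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
        document_type => "%{[@metadata][type]}"
    }
}
EOF
}

# Return 0 only if the beats { } block in file $1 sets "ssl => true".
beats_input_uses_tls() {
    awk '
        /^[ \t]*beats[ \t]*[{]/ { inside = 1 }
        inside && /^[ \t]*ssl[ \t]*=>[ \t]*true/ { found = 1 }
        inside && /^[ \t]*[}]/ { inside = 0 }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Admit Beats traffic only from the shipper subnet instead of from anywhere.
# Run by hand on the Logstash host; $1 is a source CIDR such as 192.168.0.0/24.
restrict_beats_port() {
    sudo ufw delete allow 5044/tcp
    sudo ufw allow from "$1" to any port 5044 proto tcp
}
```

Shippers must be configured to trust the certificate before the plain listener is replaced, otherwise they will fail to connect.
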
Copyright © 2019 by Julian Easterling. SOME RIGHTS RESERVED.
Creative Commons License
Except where otherwise noted, content on this site is
licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.