In this article we are going to explore Input plugin for Logstash. In order to fetch Tomcat logs we need to write a config file for Logstash.
path => "C:\Automation\Softwares\apache-tomcat-9.0.26\logs*.log"
type => "apache"
# start_position => "beginning"
#schedule you logstash to get new logs
start_position => "end"
stat_interval => "30 second"
hosts => ["localhost:9200"]
index => "ApacheTomcatLogs"
In filebeat.inputs: update,
paths: "C:\MyLogs*" and enabled: true
Now before running Logstash, ensure that both Kibana and Elasticsearch is up and running. Use this command to run Logstash.
logstash -f C:\Automation\ELK\ImportApacheLogsToLogstash.conf
Now, since we are also fetching this message to Elastcsearch. So, goto Management tab and then Index Pattern. We have to create a new index pattern. Creating Index Pattern meaning, mapping Kibana UI with Elasticsearch Index. To view data, goto Discover page, You can see your index will be coming over there.
Hope you found it useful! If you ever need my help, you can write in comments sections. Also, you can contact me through my personal website: www.QATechTesting.com or through my LinkedIn Profile (https://www.linkedin.com/in/raghwendra-sonu/).