Apache web server logs - best practice?


I'm trying to send my Apache access & error logs to Logstash, and found the various resources a bit confusing as it's all a bit new to me; I'd appreciate some clarifications:

  1. Is there a way to use Syslog input plugin directly from Apache (i.e. without a syslog server in between)? If so, how do I configure Apache to send the logs to the TCP/UDP ports opened by Logstash?

  2. Is syslog even the best option in this case? I want to use containers, so I was wondering if using file input (or any other input plugin) might be better? We need to use Grok, if it makes a difference.


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.