Beats vs logstash

Whats the difference between beats and logstash please?

The programs in the Beats series are lightweight and tailored for specific purposes while Logstash is more generic and has a wide range of plugins for various purposes, at the cost of a higher overhead and footprint.

A litlle bit confusing.. :slight_smile: Whats the use case?

Its not that confusing.

Beats is a lightweight (small cpu/mem usage) for specific purposes (system metrics, logs, etc).

Logstash provides a lot more, via plugins, for input, filtering/mutation of events and output. Logstash is a lot bigger of an application, however.

There is the added benefit that you are not required to use logstash when using beats, you can instead pipe direct into elasticsearch.

Here is a diagram of the interaction process:

https://www.elastic.co/assets/bltbdd3db766780b321/beats%20platform.png

If you're really confused about the usage, you should read up the product details here.

A little reading goes a long way. :wink:

Cheers guys

Seems the graphic no longer exists and disappeared in a puff of logic