Can Logstash process archived data in the .tar.gz format?

eranlog · June 27, 2017, 9:58pm

Hi,

I am trying to figure out a solution.

Feed Logstash with .tar.gz archive
Extract from .tar.gz archive files of interest
output files of interest to Elasticsearch

Does LS have support for the .tar.gz format as input?
If so how LS config looks like?

Thanks n advanced,

magnusbaeck · June 28, 2017, 3:38am

No, Logstash can't read files within tar.gz archives. You'll have to write a script that extracts the files into a temporary directory that Logstash can monitor.

eranlog · June 28, 2017, 7:14am

Thanks a lot for your quick response,

system · July 26, 2017, 7:14am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash processing gz file and sending logs to Elasticsearch Logstash	2	355	April 18, 2022
How to parse .gz (compressed file) using logstash Logstash	3	3520	December 1, 2017
Gzipped input for logstash Logstash	2	1131	July 6, 2017
Using Logstash 5.5 for reading .gz files Logstash	4	4606	September 23, 2017
Read old logs in .gz format Logstash	8	4242	July 6, 2017

Can Logstash process archived data in the .tar.gz format?

Related topics