Can we monitor IBM WebSphere event logs using Elasticsearch?

Hi,

I want to monitor the near-real-time logs of IBM WebSphere.

How can we do this with Elasticsearch?

Use Logstash to read and parse the logs and post them into Elasticsearch.

Can we read real-time WebSphere logs using Logstash? I mean, how do we connect to the IBM server?
Can I have a sample Logstash conf file to connect to IBM?

If WebSphere writes its logs to text files in the file system you can use Logstash and its standard plugins to read them (in real time). If WebSphere produces logs in some other format it will probably take more work.

Unless you can find something in the forum archives (or by general googling) you'll probably have to make up the Logstash yourself. We can help but we need additional details about the logs.

Since this is a Logstash question, please move it to the Logstash group.

Done.

Logs are in text format only. How do we connect to IBM remote application servers using Logstash?
Is there any standard format?

Do we need to purchase the Logstash Integration Toolkit to monitor IBM application server logs?

Why? Just point LS at the files and let it read them.

First we need to connect to the servers, right?
Can I have a sample Logstash conf file, or any reference URL?

Take a look at https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html

I didn't see any info in this on connecting to the server.
I am already able to load the static text log file using Kibana. But I want to monitor and analyze remote server logs.

Use the file input and then ship them via TCP or similar to another LS instance, then into ES.

The logs are located in a specified path on a Unix server. So what do we need to give in the Logstash input?
First we need to connect to the server by giving credentials, then go to the specified path and grep for the string with a particular date.

You will need to install an agent on each application server node that will read the local log files and send them to Logstash and Elasticsearch for further processing. Logstash itself can be used for this using the file input, but often a more lightweight shipper, e.g. Logstash-forwarder, is used instead.
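
A minimal sketch of the shipper-to-indexer layout described in this thread, added here as an example and not posted by any participant. The log path, host name, port and the assumption that every WebSphere entry starts with `[` are placeholders to adapt; option names follow the current Logstash plugin documentation.

```logstash
# --- shipper.conf: runs on each WebSphere node (the local "agent") ---
input {
  file {
    # Assumed WebSphere log location; adjust to your profile and server name.
    path => "/opt/IBM/WebSphere/AppServer/profiles/*/logs/*/SystemOut.log"
    start_position => "beginning"
    type => "websphere"
    # Assumption: each log entry begins with "[timestamp]". Lines that do not
    # (for example stack traces) are folded into the preceding event.
    codec => multiline {
      pattern => "^\["
      negate => true
      what => "previous"
    }
  }
}
output {
  tcp {
    host => "logstash.example.internal"   # placeholder: central Logstash host
    port => 5000                          # placeholder port
    codec => json_lines
  }
}

# --- indexer.conf: runs on the central Logstash instance ---
input {
  tcp {
    port => 5000
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => ["localhost:9200"]           # placeholder Elasticsearch address
  }
}
```

Because the shipper reads the files locally, no remote login credentials are stored anywhere; the account running it needs only read access to the log directory. The TCP link as written is unencrypted and unauthenticated, so restrict the listening port to the application servers or enable the tcp plugins' SSL settings before logs cross an untrusted network.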