Count of Log messages on logstash

Dublin_2020 · June 19, 2020, 3:22pm

Hi Guys i am new to elastic search , need an insight on how can we get the count of Log messages received in Logstash from rsyslog server. Any idea , this is to check the differnce in logs forwarded from rsyslog and recieved at Logstash end .

mgotechlock · June 21, 2020, 1:29pm

I don't know how you would count that at the logstash end, but if the data is making it to Elasticsearch, this should be doable. Is it?

wangqinghuan · June 21, 2020, 1:51pm

Is this helpful : https://www.elastic.co/guide/en/logstash/current/plugins-filters-metrics.html

NerdSec · June 21, 2020, 2:20pm

Hi Dublin,

Yes it is definitely possible. @steffens had helped me on an issue a couple of years back

The relevant part is as follows:
simple logstash config for testing:

input {
  beat { ... }
}

output {
  stdout { codec => dots }
}

This config prints one dot per event. Using pv we can measure throughput:

./bin/logstash test.cfg | pv -War > /dev/null

This will give you the event rate in terms of bytes/sec. To get an idea about the actual event rate, you will have to use the metric filter. Hope this helps!

system · July 19, 2020, 2:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.