Is it possible to use ELK without logstash? I have filebeats, elasticsearch and kibana running without any problems, but inserting logstash into this mix seems like a real pain.
I am new to ELK stack, and probably missing something, but what value does logstash bring? if my beats read the log files, and I can use grok filters on kibana to make the output searchable in a practical way, then why do I need logstash?
If what you have works then there's no need to complicate it. Logstash just adds extra capabilities.
Also FYI we’ve renamed ELK to the Elastic Stack, otherwise Beats and APM feel left out! 
See https://www.elastic.co/elk-stack
if my beats read the log files, and I can use grok filters on kibana to make the output searchable in a practical way, then why do I need logstash?
Kibana doesn't do any grokking so it's not clear what you mean.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.