Exec plugin

jbl · April 9, 2017, 3:23pm

Hello,

*** goal is to process logstash data in realtime ***

I am new to logstash, and i tried the exec plugin in order to process the output with php script :

output {
exec {
command => "php /opt/admin/script.php %{message}"
}
}

in the example above, one instance of php script is called everytime for each output.

what i would lilke to do is to have a script that can track all ouputs, so that way of doing is wrong.

What would be the best approach ? Send output to elasticsearch and use RestAPI with a php script to follow the flow of output ? What the "real time" would be, i mean how to be closest to the "realtime" ?.

Regards

magnusbaeck · April 10, 2017, 5:31am

Have a look at the pipe output.

I'd send the events to a broker (Redis, RabbitMQ, Kafka, ...) and write a script that pulls the events from there.

system · May 8, 2017, 5:34am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.