Totally new to the ELK stack and a beginner at the programming level speaking here.
I currently have a Django Python application running on Heroku. It works with Papertrail logging. Papertrail receives the logs through a so-called "drains"-setup from Heroku.
I tried to use this "drains"-setup to feed logs directly into Elastic Cloud. The logs arrive but I get this kind of warning:
[WARN ][org.elasticsearch.deprecation.rest.RestController] Content type detection for rest requests is deprecated. Specify the content type using the [Content-Type] header.
Therefore, I was looking into hosting Logstash so I have the right format (?) in which the logs enter the Elasticsearch environment.
Some questions therefore:
- Is this the right approach? Using Logstash to get a 'clean' format, or do I have some other problem?
- What would be the best practices to host Logstash? AWS, GCP?
- How would I do that? Any good tutorials - not super familiar with launching stuff on AWS and GCP.
- Would it be easier to just go for the Heroku add-on?