Logstash configuration is in /etc/logstash/logstash.yml the rest in default
# ------------ Metrics Settings --------------
#
# Bind address for the metrics REST endpoint
#
http.host: "127.0.0.1"
#
# Bind port for the metrics REST endpoint, this option also accept a range
# (9600-9700) and logstash will pick up the first available ports.
#
# http.port: 9600-9700
#
# ------------ Debugging Settings --------------
#
# Options for log.level:
# * fatal
# * error
# * warn
# * info (default)
# * debug
# * trace
#
log.level: info
path.logs: /var/log/logstash
#
modules.d configurationis in /etc/logstash/conf.d/01-local-dev.conf
input {
file { path => "/var/log/syslog" }
}
output {
stdout { codec => rubydebug }
elasticsearch {
hosts => "localhost:9200"
}
}
Elasticsearch configuration in /etc/elasticsearch/elasticsearch.yml
# ---------------------------------- Paths -----------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: localhost
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#