I had installed ELK in a VM machine (Ubuntu) but i don't know how i recover logs file with logstash.
Hi,
You can start with this: https://www.elastic.co/guide/en/logstash/7.0/advanced-pipeline.html
Or more simple directly with filebeat without logstatsh at least at beginning. Then depends on your needs you can continue with logstatsh. 
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-getting-started.html
Hope it not make you more confuse.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.