How to use Logstash monitoring API?

elasticheart · February 2, 2017, 11:04am

Hi,

I have multiple Logstash instances and it will be fine if I can see their status in a Kibana dashboard. I got to know about Logstash monitoring API here https://www.elastic.co/guide/en/logstash/current/monitoring.html but I dont know how to use it / how to work with it. I entered GET /_node/pipeline in Kibana Dev Tools > Console, but it returned;

{
  "error": {
    "root_cause": [
      {
        "type": "illegal_argument_exception",
        "reason": "No endpoint or operation is available at [pipeline]"
      }
    ],
    "type": "illegal_argument_exception",
    "reason": "No endpoint or operation is available at [pipeline]"
  },
  "status": 400
}

How can I monitor Logstash instances (whether they are up or not), and display it in a Kibana dashboard?

Thank you.

Christian_Dahlqvist · February 2, 2017, 11:11am

With the release of Elastic Stack 5.2, X-Pack Monitoring now supports monitoring Logstash as well as Elasticsearch and Kibana. This is available through the free Basic X-Pack license.

elasticheart · February 2, 2017, 11:15am

Ok..
@Christian_Dahlqvist Will this show my each Logstash instance separately, or a combined one?

Christian_Dahlqvist · February 2, 2017, 8:34pm

I believe there are separate screens for overview and instance level information.

elasticheart · February 3, 2017, 4:47am

Ok.
Could you tell me if this is possible without X-Pack? I got to know that Logstash has a monitoring API https://www.elastic.co/guide/en/logstash/5.0/monitoring.html but I don't know how to use it could you help me with it?

Christian_Dahlqvist · February 3, 2017, 6:25am

The monitoring data is available through an HTTP end-point described in the documentation, so if you have something poll this at a regular interval, perform any transformation that is required and index it into Elasticsearch, you should be able to build Kibana dashboards around it. I have however not used the API, so will not really be able to help with the details. Is there any reason you can not use X-Pack with the free basic license?

elasticheart · February 3, 2017, 6:29am

@Christian_Dahlqvist I am using X-Pack with basic license, but its GA 5.0.0.

When I tried GET /_node/pipeline in Kibana console, it returned no end point error. Is it possible to use this with GA 5.0.0?

Christian_Dahlqvist · February 3, 2017, 6:33am

Monitoring of Logstash in X-Pack was introduced in version 5.2. There has been a number of bug fixes and enhancements since 5.0, so I would recommend you upgrade.

The Kibana console queries the Elasticsearch cluster only for security reasons, so you can not use Console to query the HTTP end point on Logstash.

elasticheart · February 3, 2017, 6:39am

Ok @Christian_Dahlqvist .. I can upgrade, but takes time I think.

I have entered curl -XGET "http://localhost:9200/_node/pipeline" in my Linux console, but it returned;

{"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"No endpoint or operation is available at [pipeline]"}],"type":"illegal_argument_exception","reason":"No endpoint or operation is available at [pipeline]"},"status":400}

Why is this happening?

Christian_Dahlqvist · February 3, 2017, 6:56am

The API is available on the Logstash process, not Elasticsearch, and therefore uses port 9600 by default, not 9200.

elasticheart · February 3, 2017, 7:39am

Thank you so much @Christian_Dahlqvist

system · March 3, 2017, 7:39am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.