Setup I followed for Installation:
Steps to install:
1- Go to root : sudo su -
2- Download and install the Public Signing Key:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elastic-keyring.gpg
3- You may need to install the apt-transport-https package on Debian before proceeding:
sudo apt-get install apt-transport-https
4- Save the repository definition to /etc/apt/sources.list.d/elastic-8.x.list:
echo "deb [signed-by=/usr/share/keyrings/elastic-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-8.x.list
5- Run sudo apt-get update and the repository is ready for use. You can install it with:
sudo apt-get update && sudo apt-get install logstash
6- Start the Logstash service:
sudo systemctl start logstash.service
7- Check status:
sudo service logstash status
Environment Setup:
Set up environment:
1- Location of Logstash on Ubuntu:
cd /usr/share -- here you can see the logstash directory.
2- Add the bin path to the environment:
echo 'export PATH=$PATH:/usr/share/logstash/bin' >> ~/.bashrc
source ~/.bashrc
3- Install input plugin for syslog:
logstash-plugin install logstash-input-syslog
OpenJDK is already present in my EC2.
When I execute the command
logstash-plugin install logstash-input-syslog
in the /usr/share/logstash/bin directory, it throws the error below:
ERROR: File /usr/share/logstash/Gemfile does not exist or is not writable, aborting
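
The error names two possible conditions for /usr/share/logstash/Gemfile, missing or not writable. The following check is an added example, not part of the original post; it reports which one applies for the user running it. The function name check_gemfile and its return codes are assumptions made for this example.

```shell
# Added diagnostic example (not from the original post).
# check_gemfile [LOGSTASH_HOME]
#   LOGSTASH_HOME defaults to /usr/share/logstash, the path in the error.
# Return codes (chosen for this example):
#   0 = Gemfile exists and is writable by the current user
#   2 = Gemfile does not exist
#   3 = Gemfile exists but the current user cannot write to it
check_gemfile() {
    ls_home="${1:-/usr/share/logstash}"
    gemfile="$ls_home/Gemfile"

    if [ ! -e "$gemfile" ]; then
        echo "missing: $gemfile"
        return 2
    fi

    if [ ! -w "$gemfile" ]; then
        # stat -c is the GNU coreutils form available on Ubuntu.
        owner=$(stat -c '%U:%G' "$gemfile")
        mode=$(stat -c '%a' "$gemfile")
        echo "not writable by $(id -un): $gemfile (owner $owner, mode $mode)"
        return 3
    fi

    echo "ok: $gemfile is writable by $(id -un)"
    return 0
}

# Usage, from the same shell session that ran logstash-plugin:
#   check_gemfile
#   check_gemfile /usr/share/logstash
```

Run it as the same user, and in the same shell, that produced the error, since the result depends on which account invokes logstash-plugin.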