I am trying to Install SYSLOG input plugin in Logstash which I installed in EC2 Ubuntu Linux but nto able to do this

Subrato1 · January 5, 2024, 9:35am

Setup I followed for Installation:

Step to install :


1- Go to root : sudo su -

2- Download and install the Public Signing Key:

	wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elastic-keyring.gpg

3- You may need to install the apt-transport-https package on Debian before proceeding:

	sudo apt-get install apt-transport-https

4- Save the repository definition to /etc/apt/sources.list.d/elastic-8.x.list:

	echo "deb [signed-by=/usr/share/keyrings/elastic-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-8.x.list

5- Run sudo apt-get update and the repository is ready for use. You can install it with:

	sudo apt-get update && sudo apt-get install logstash


6- Start Logstash service :

	sudo systemctl start logstash.service

7- Check status :

	sudo service logstash status

Environment Setup:

Setup enviroment:


1- Location of logstash in UBUNTU:

	cd /usr/share -- here you can see logstash file.

2- Set Bin path to enviroment:

	echo 'export PATH=$PATH:/usr/share/logstash/bin' >> ~/.bashrc
	
	source ~/.bashrc

3- Install input plugin for syslog:
	
	logstash-plugin install logstash-input-syslog

OPENJDK already present in my EC2 .
When I am executing logstash-plugin install logstash-input-syslog command in /usr/share/logstash/bin this directory , It will throw below error:

ERROR: File /usr/share/logstash/Gemfile does not exist or is not writable, aborting

leandrojmp · January 5, 2024, 12:22pm

Not sure what those instructions are, but regarding to Elastic tools always check the official documentation.

The logstash-input-syslog is bundled in Logstash, there is no need to install it as you can see in the documentation.

Plugins that are not bundled will have an Installation section in the beginning of their documentation.

Subrato1 · January 8, 2024, 5:28am

Hi @leandrojmp

I followed this URL:

Installing Logstash | Logstash Reference [7.14] | Elastic

leandrojmp · January 8, 2024, 12:35pm

These are generics instructions on how to install Logstash and it does not mention the need to install the syslog input plugin, it is already installed.

You may ignore this error.

What is your issue besides that?

system · February 5, 2024, 12:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.