I'm creating a logstash.conf file to filter input from Docker logs, Logspout, CoreOS systemd journal and syslog and was hoping if anyone could share their validated logstash.conf file which does any of these please?
I appreciate your assistance. Thanks.
For logstash to receive log messages from logspout container, you just need:
input { udp { port => 5000 codec => json } }
In your logspout Dockerfile you need to define:
ENV ROUTE_URIS=logstash://ip.address.of.logstash:5000
If you're just testing this, don't use 127.0.0.1. Once you start the logspout container, it will send log messages to logstash over udp to port 5000.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.