I have an application that uses log4j2 to output it's log files.
I am trying to figure out a "correct", out-of-the-box way to get these logs into logstash.
I see there is a log4j input plugin, however it does not support log4j2.
I see there is a log4j2 community plugin, however, it doesn't work past version 2.x
sudo bin/logstash-plugin install logstash-input-log4j2 Validating logstash-input-log4j2 Installing logstash-input-log4j2 Plugin version conflict, aborting ERROR: Installation Aborted, message: Bundler could not find compatible versions for gem "logstash-core": In snapshot (Gemfile.lock): logstash-core (= 5.2.2) In Gemfile: logstash-core-plugin-api (>= 0) java depends on logstash-core (= 5.2.2) java logstash-input-log4j2 (>= 0) java depends on logstash-core (< 2.0.0, >= 1.4.0) java logstash-core (>= 0) java Running `bundle update` will rebuild your snapshot from scratch, using only the gems in your Gemfile, which may resolve the conflict. Bundler could not find compatible versions for gem "logstash": In Gemfile: logstash-input-log4j2 (>= 0) java depends on logstash (< 2.0.0, >= 1.4.0) java Could not find gem 'logstash (< 2.0.0, >= 1.4.0) java', which is required by gem 'logstash-input-log4j2 (>= 0) java', in any of the sources.
I also see that logstash ITSELF utilizes log4j2 on the backend, which makes me think, is there some other way to use these two together besides a specifically tailored log4j2 plugin? Maybe using logstash to stream the log file directly off disk or something like that? Or using the websocket plugin? I'm trying to find a solution that works to connect the two in an elegant way.