Logstash: s3 input plugin

harkamals · April 1, 2018, 11:24am

Hello, I am to work on a use case of ingesting aws cloud trail logs from a s3 bucket into logstash.

A number of logstash servers are spun by the auto scaling group
Do I need to apply s3 input config to every one of them as bootstrap config ?
If so, will several logstash servers work to digest files from s3 ? could this result into duplicate entries in elasticsearch ?
Or is there a better way to push config to servers, auto magically ?

thank you, and I look forward to advise.

Best regards

magnusbaeck · April 5, 2018, 7:43pm

Logstash's s3 input has no support for multiple instances pulling logs from the same bucket.

system · May 3, 2018, 7:43pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
A question around logstash S3 input plugin Logstash	3	419	November 8, 2023
High Availibility for Logstash Input Processing Logstash	2	415	April 10, 2018
How to use Beat with Amazon S3 logs as input? Logstash	1	359	March 18, 2019
How the logstash s3 input plugin handle load balance? Logstash	3	1076	June 27, 2017
Logstash failover s3 Logstash	4	735	January 17, 2017