I want to merge/aggregate log files from different cluster nodes into one log file on log file storage.
Currently I use log / slog, but this is no longer being developed. I already use Elasticsearch and Logstash to index and evaluate the log files, and I am now looking for a way to aggregate the files with Logstash.
It is important that the log files are put together in the correct sequence.
So far I have found neither such a Logstash plugin nor appropriate documentation.
It is important that the log files are put together in the correct sequence.
What does this mean, specifically? That the events in a particular input file end up in the same order in the output file, or that all events from an input file are laid out consecutively in the output file? In other words, given these input files:
fileA:
A1
A2
A3
fileB:
B1
B2
B3
Would
B1
A1
A2
B2
A3
B3
be okay in the output file or do you need this:
A1
A2
A3
B1
B2
B3
Logstash has many input plugins that you can use to collect data from your machines, and the file output plugin can write some or all of those events to files. It's not clear why that wouldn't be sufficient in your case.
The timestamp in the file is decisive for the ordering. If I have 10 entries in log file A within 5 seconds and only 1 in log file B, then it should all look like this later.
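The ordering asked for in this thread (entries from all nodes interleaved by the timestamp inside each line) is a k-way merge. The sketch below is an added example, not code from any poster and not a Logstash configuration. It assumes each entry starts with an ISO 8601 timestamp and each node's file is already in time order; the node names and log lines are constructed.

```python
import heapq
from datetime import datetime

# Constructed sample logs; an entry starts with an ISO 8601 timestamp (assumed format).
NODE_A = """\
2016-03-01T10:00:01 A1 service start
2016-03-01T10:00:02 A2 request failed
  Traceback: continuation line without timestamp
2016-03-01T10:00:04 A3 request ok
"""
NODE_B = """\
2016-03-01T10:00:00 B1 service start
2016-03-01T10:00:02 B2 heartbeat
2016-03-01T10:00:05 B3 heartbeat
"""


def parse_ts(line):
    """Return the leading timestamp of a line, or None for a continuation line."""
    try:
        return datetime.fromisoformat(line[:19])
    except ValueError:
        return None


def entries(node, lines):
    """Yield (timestamp, node, seq, text); continuation lines stay with their entry."""
    current, seq = None, 0
    for raw in lines:
        line = raw.rstrip("\n")
        ts = parse_ts(line)
        if ts is None:
            if current is not None:      # e.g. a stack trace under the entry
                current[3] += "\n" + line
            continue                     # text before the first timestamp is skipped
        if current is not None:
            yield tuple(current)
        current, seq = [ts, node, seq, line], seq + 1
    if current is not None:
        yield tuple(current)


def merge_logs(sources):
    """Merge (node, lines) pairs by timestamp; ties sort by node, then file order."""
    streams = [entries(node, lines) for node, lines in sources]
    return [f"{node} {text}" for _, node, _, text in heapq.merge(*streams)]

if __name__ == "__main__":
    print("\n".join(merge_logs([("node-a", NODE_A.splitlines()), ("node-b", NODE_B.splitlines())])))
```

Open file objects can be passed in place of the `splitlines()` lists, so the merge streams without loading whole files; clock skew between nodes still has to be handled separately.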