Where does logstash store the log files that it has read

simonrisberg · July 1, 2015, 8:51am

Hi!

I was wondering where Logstash is storing the log files that it has read and indexed. I was reading up a little on github and apparently the default folder for this is var/log/syslog but when I jump into the log folder I cannot find a file called syslog. I don't know if this is a setting that you must change somewhere. Worth mentioning is that I am not using a logstash forwarder. Right now I'm having everything on the same server just to try it out and explore.

Any help would be appreciated.

Best regards

magnusbaeck · July 1, 2015, 9:10am

Logstash doesn't have any default or mandatory storage of processed logs. It does ship with several output plugins that you can use to send logs to e.g. files, databases, message brokers, or to Elasticsearch, but it's up to you to configure that according to your needs.

simonrisberg · July 1, 2015, 9:27am

Thank you So what I need is a plugin that ships the read log files to a single logfile that I'm pointing out I guess Will look for this plugin

magnusbaeck · July 1, 2015, 9:52am

I've never seen a need for doing anything like that, but sure, just use the file output.

Topic		Replies	Views
Where are the Logstash Logs? Logstash	4	295	April 14, 2019
Where does Logstash store its data? Logstash	9	12611	July 6, 2017
Logstash logging Logstash	3	171	June 6, 2023
How to handle logstash logs in ubuntu 18.04 Logstash	6	1486	February 7, 2019
Logstash output going to syslog Logstash	6	396	September 29, 2018

Where does logstash store the log files that it has read

Related topics