This is the straight and straightforward way to install Logstash either on your Ubuntu 20.04 desktop or your Ubuntu 20.04 server instance.
Do you want to extract data from some log files or a database? And you’ve just heard about Logstash and want to give it a try? Well, you’ve come to the right guide.
1- Update your system
First things first. Let’s start on the right basis.
sudo apt update && apt upgrade
2- Install Logstash
Logstash uses Java. It requires one of these versions of java:
- Java 8
- Java 11
- Java 15
Let’s go with the oldest to make things simple.
sudo apt install openjdk-8-jre-headlesssudo apt updatesudo apt install logstash
3- Set up your first Logstash pipeline
Let us assume that you want to parse an apache access log file.
To create your first Logstash pipeline:
- Install Elasticsearch
Go and check this link to Install and Configure Elasticsearch on Ubuntu 20.04.
- Create your Logstash pipeline config file
sudo nano /etc/logstash/conf.d/first-logstash-pipeline.conf
Paste the code below:
⚠️ You do have to replace /path/to/your/log/file with your apache access log file path.
- Run your pipeline with Logstash
sudo /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/first-logstash-pipeline.conf
- Check the result on Elasticsearch
Launch a terminal and type:
curl -H "Content-Type: application/json" -XGET 127.0.0.1:9200/logs/_search?pretty
I’ll be happy to hear that everything goes right for you during this installation. If you’ve any concerns, please let me know in the comments. I’ll be thrilled to help out.
May your Logstash usage journey be full of wonderful experiences.
See you, amigo!