Sending Logstash Logs to Loggly

We are using Logstash for our log management. We integrated logstash with ElasticSearch, and Kibana UI. However it does not work very well to us. So we were looking for possible tools to visualize the logs without much work. Finally, we decided to use Loggly. Then we just follow the steps provided by loggly in their documentation. Unfortunately it does not work for Logstash version 1.5. After spending few hours, we made it work. Here are the steps.

Install Loggly Plugin

Since Logstash version 1.5, there is a new plugin management system. To install a Logstash Loggly plugin, use the following command:

sudo bin/plugin install logstash-output-loggly

Create Logstash configuration

Create a logstash-loggly.conf file with following contents

      key => "TOKEN"
      host => ""
      proto => "https"

where TOKEN - your customer token from the source setup page

You can place this file under /etc/logstash/conf.d/.

Restart the Logstash

Restart Logstash to send the files to Loggly.

service logstash restart

It may take a few minutes to index the event. If it doesn’t work, you can see /var/log/logstash/logstash.err.

Vote on HN

comments powered byDisqus