Daily Archives: 29.01.2015


Shipping your Nginx logs to Elasticsearch using Logstash

First of all, create a new log format in /etc/nginx/nginx.conf and add or replace an access log directive:

    log_format logstash '$http_host '
                        '$remote_addr [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent" '
                        '$request_time '
                        '$upstream_response_time';
    access_log /var/log/nginx/access.log logstash;

Install Elasticsearch as described here. Install Logstash as described here. Add the following pattern to Logstash in /opt/logstash/patterns/nginx: NGUSERNAME […]


Setting up Logstash on Debian/Ubuntu

Install Logstash:

    cd /tmp
    wget https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz
    tar -xvpf logstash-1.4.2.tar.gz
    mv logstash-1.4.2 /opt/logstash

Create an init script /etc/init.d/logstash (this one worked fine for me on Ubuntu 14.04):

    #! /bin/sh
    ### BEGIN INIT INFO
    # Provides: logstash
    # Required-Start: $network $remote_fs $named $elasticsearch
    # Required-Stop: $network $remote_fs $named $elasticsearch
    # Default-Start: 2 3 4 5
    # Default-Stop: […]


Install Elasticsearch on Debian/Ubuntu

Install Java:

    apt-get update
    apt-get install -y openjdk-8-jre openjdk-8-jre-headless

On older Debian releases you may only find openjdk-7-jre openjdk-7-jre-headless instead. Add the repository and install Elasticsearch:

    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
    apt-get install -y apt-transport-https software-properties-common
    add-apt-repository "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
    apt-get update
    apt-get install -y elasticsearch

On older Debian releases […]