To install Logstash on the system, we should follow the steps given below −
Step 1 − Check the version of your Java installed in your computer; it should be Java 8 because it is not compatible with Java 9. You can check this by −
In a Windows Operating System (OS) (using command prompt) −
> java -version
In UNIX OS (Using Terminal) −
$ echo $JAVA_HOME
Step 2 − Download Logstash from −
https://www.elastic.co/downloads/logstash.
For Windows OS, download the ZIP file.
For UNIX OS, download the TAR file.
For Debian OS download the DEB file.
For Red Hat and other Linux distributions, download the RPN file.
APT and Yum utilities can also be used to install Logstash in many Linux distributions.
Step 3 − The installation process for Logstash is very easy. Let’s see how you can install Logstash on different platforms.
Note − Do not put any whitespace or colon in the installation folder.
Windows OS − Unzip the zip package and the Logstash is installed.
UNIX OS − Extract the tar file in any location and the Logstash is installed.
$tar –xvf logstash-5.0.2.tar.gz
Using APT utility for Linux OS −
$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
$ echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
$ sudo apt-get update
$ sudo apt-get install logstash
Using YUM utility for Debian Linux OS −
$ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
Add the following text in the file with the .repo suffix in your o “/etc/yum.repos.d/” directory. For example, logstash.repo
[logstash-5.x] name = Elastic repository for 5.x packages baseurl = https://artifacts.elastic.co/packages/5.x/yum gpgcheck = 1 gpgkey = https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled = 1 autorefresh = 1 type = rpm-md
$ sudo yum install logstash
Step 4 − Go to the Logstash home directory. Inside the bin folder, run the elasticsearch.bat file in case of windows or you can do the same using the command prompt and through the terminal. In UNIX, run the Logstash file.
We need to specify the input source, output source and optional filters. For verifying the installation, you can run it with the basic configuration by using a standard input stream (stdin) as the input source and a standard output stream (stdout) as the output source. You can specify the configuration in the command line also by using –e option.
In Windows −
> cd logstash-5.0.1/bin > Logstash -e 'input { stdin { } } output { stdout {} }'
In Linux −
$ cd logstash-5.0.1/bin $ ./logstash -e 'input { stdin { } } output { stdout {} }'
Note − in case of windows, you might get an error stating JAVA_HOME is not set. For this, please set it in environment variables to “C:\Program Files\Java\jre1.8.0_111” or the location where you installed java.
Step 5 − Default ports for Logstash web interface are 9600 to 9700 are defined in the logstash-5.0.1\config\logstash.yml as the http.port and it will pick up the first available port in the given range.
We can check if the Logstash server is up and running by browsing http://localhost:9600 or if the port is different and then please check the command prompt or terminal. We can see the assigned port as “Successfully started Logstash API endpoint {:port ⇒ 9600}. It will return a JSON object, which contains the information about the installed Logstash in the following way −
{ "host":"manu-PC", "version":"5.0.1", "http_address":"127.0.0.1:9600", "build_date":"2016-11-11T22:28:04+00:00", "build_sha":"2d8d6263dd09417793f2a0c6d5ee702063b5fada", "build_snapshot":false }