Would you like to learn how to do a Logstash installation on Ubuntu Linux? In this tutorial, we are going to show you how to install Logstash on a computer running Ubuntu Linux.
• Ubuntu 20
• Ubuntu 19
• Ubuntu 18
• ElasticSearch 7.6.2
• Logstash 7.6.2
In our example, The ElastiSearch node 01 IP address is 192.168.100.9.
ElasticSearch Related Tutorial:
On this page, we offer quick access to a list of tutorials related to ElasticSearch installation.
Tutorial Logstash – Installation
Use apt-get to install the required packages.
Find the Java installation directory.
In our example, Java is installed on the following directory: /usr/lib/jvm/java-11-openjdk-amd64
Create a file to configure the required Java variables.
Here is the file content.
Reboot the computer.
Verify if the system created automatically the environment variable named: JAVA_HOME.
Here is the command output.
Download and install the ElasticSearch repository key.
Add the official ElasticSearch repository to your APT database
Update the APT-GET database and install the Logstash package.
Configure the Logstash service to start automatically.
Congratulations! You have finished the Logstash installation on Ubuntu Linux.
Tutorial Logstash – Configuration example
Stop the Logstash service.
Create a Logstash configuration file to receive Syslog information.
Here is the file content.
In our example, the Logstash service will listen to Syslog messages input on port 5000.
The Logstash service will process and send the Syslog information to the ElasticSearch server running on 192.168.100.9.
Start the Logstash service.
Congratulations! You have finished the Logstash configuration.
Tutorial Logstash – Sending Syslog messages
Use apt-get to install the required packages.
Stop the RSyslog service.
Edit the Syslog configuration file.
Add the following lines at the end of the file.
Start the RSyslog service.
In our example, Linux will send Syslog messages to the Logstash server IP address on port 5000.
