Welcome to the Logstash documentation. Logstash is an open-source data processing pipeline that is used to collect, transform, and transport data. It's built to be robust, reliable, and easy to scale.

Features

  • Flexible Data Sources: Logstash can collect data from a variety of sources including files, databases, and message queues.
  • Data Transformation: Process and enrich your data using filters.
  • Data Output: Send your processed data to a variety of destinations such as Elasticsearch, AWS S3, and more.

Quick Start

To get started with Logstash, you can visit our Quick Start Guide.

Architecture

Logstash follows a simple architecture with three main components:

  • Inputs: Data sources such as files, databases, or message queues.
  • Filters: Process and transform data.
  • Outputs: Send data to destinations like Elasticsearch or file systems.

Inputs

Here are some common inputs:

  • File: Monitor and read files.
  • Stdin: Read data from standard input.
  • Tcp: Listen for data over TCP.

Filters

Common filters include:

  • Grok: Parse structured data.
  • JSON: Parse JSON data.
  • Ruby: Perform custom transformations using Ruby.

Outputs

Here are some common outputs:

  • Elasticsearch: Index data into Elasticsearch.
  • File: Write data to files.
  • Http: Send data to a web server.

Image Example

Logstash Architecture

Community

Logstash has a vibrant community. You can join the Logstash community forum to get help and share your experiences.

If you have any questions or need further assistance, please don't hesitate to reach out to our support team.