Centralize, Transform & Stash Your Data

Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “stash.” (Ours is Elasticsearch, naturally.)

From 0 to 60 in 60: The Logstash Primer. Watch Webinar

New Now durable across instance failures with at-least-once-delivery guarantees. It also supports Kafka Kerberos SASL auth and ArcSight CEF ingestion. Read More user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET/apache_pb.gif HTTP/1.0" 200 2326 user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET /apache_pb.gif HTTP/1.0" 200 2326 user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET /apache_pb.gif HTTP/1.0" 200 2326 user-identifier frank


"GET /apache_pb.gif HTTP/1.0" 200 2326


Create and Configure Your Pipeline, Your Way

Logstash has a pluggable framework featuring over 200 plugins. Mix, match, and orchestrate different inputs, filters, and outputs to work in pipeline harmony.

Ingesting from a custom application? Don’t see a plugin you need? Logstash plugins are easy to build. We’ve got a fantastic API for plugin development and a plugin generator to help you start and share your creations.


Secure It and Monitor It

Whether you’re running 10s or 1000s of Logstash instances, we’ve made it possible for you to secure and keep a pulse on the status of your ingest pipelines from end to end. Incoming data from Beats along with other inputs can be encrypted over the wire, and there's full integration with secured Elasticsearch clusters. Logstash also has a monitoring API which unlocks visibility of the overall pipeline health and performance.

How Many Logs Can a Logstash Stash? Find Out.

Skip chasing down dependencies or writing cron jobs for repeated restarts. Logstash minimizes the hoops to jump through to get started, letting you deploy a pipeline that keeps pace with your event stream.


Open source and free to use.