logstash

Centralize, Transform & Stash Your Data

Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “stash.” (Ours is Elasticsearch, naturally.)
logstash

From 0 to 60 in 60: The Logstash Primer. Watch Webinar

New 5.5 continues the message durability theme with much-awaited dead letter queues. Plus, the Grok Debugger - you know, to debug your grok patterns. Read More

5.10.83.30
user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET/apache_pb.gif HTTP/1.0" 200 2326

5.10.83.30 user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET /apache_pb.gif HTTP/1.0" 200 2326

5.10.83.30 user-identifier frank

[10/Oct/2000:13:55:36 -0700]

"GET /apache_pb.gif HTTP/1.0" 200 2326

5.10.83.30 user-identifier frank

2000-10-10T13:55:36.000Z.

"GET /apache_pb.gif HTTP/1.0" 200 2326

EXTENSIBILITY

Create and Configure Your Pipeline, Your Way

Logstash has a pluggable framework featuring over 200 plugins. Mix, match, and orchestrate different inputs, filters, and outputs to work in pipeline harmony.

Ingesting from a custom application? Don’t see a plugin you need? Logstash plugins are easy to build. We’ve got a fantastic API for plugin development and a plugin generator to help you start and share your creations.

DURABILITY

Trust in a Pipeline Built to Deliver

If Logstash nodes happen to fail, Logstash guarantees at-least-once delivery for your in-flight events with its persistent queue. Events that are not successfully processed can be shunted to a dead letter queue for introspection and replay. With the ability to absorb throughput, Logstash scales through ingestion spikes without having to use an external queueing layer.

MONITORING

Have Full Visibility into Your Deployments

Logstash pipelines are often multipurpose and can become sophisticated, making a strong understanding of pipeline performance, availability, and bottlenecks is invaluable. With the monitoring features in X-Pack, you can easily observe and study an active Logstash node or full deployment.

Logstash Monitoring Dashboard

SECURITY

Secure Your Pipelines, End to End

Whether you're running 10s or 1000s of Logstash instances, we’ve made it possible for you to fully secure your ingest pipelines. Incoming data from Beats along with other inputs can be encrypted over the wire, and there's full integration with secured Elasticsearch clusters.

How Many Logs Can a Logstash Stash? Find Out.

Skip chasing down dependencies or writing cron jobs for repeated restarts. Logstash minimizes the hoops to jump through to get started, letting you deploy a pipeline that keeps pace with your event stream.

Download

Open source and free to use.