When it comes to centralizing logs to Elasticsearch, the first log shipper that comes to mind is Logstash. People hear about it even if it’s not clear what it does:

Whether you capture them for application security and compliance, production monitoring, performance monitoring, or troubleshooting, logs contain valuable information about the health of your apps. But it all comes down

This recipe is similar to the previous rsyslog + Redis + Logstash one, except that we’ll use Kafka as a central buffer and connecting point instead of Redis. You’ll have

Centralizing logs to Elasticsearch? Of course, the first log shipper that comes to mind is Logstash. When you get into it, you realize centralizing logs often implies a bunch of

Pretty much everyone's heard about syslog: with its roots in the 80s, it's still used for a lot of the log management done today. Mostly because of its long history, syslog

More than two years ago we posted a recipe on how to centralize syslog in Elasticsearch in order to search and analyze them with Kibana, all by using only rsyslog.

OK, so you want to hook up rsyslog with Logstash. If you don't remember why you want that, let me give you a few hints: Logstash can do lots of