As a Google search will tell you, "ELK" is the acronym for three open source projects: Elasticsearch, Logstash, and Kibana. ... Kibana lets users visualize the data in Elasticsearch with charts and graphs. The Elastic Stack is the next evolution of ELK.
Download Logstash, Elasticsearch and Kibana from the website (https://www.elastic.co/).
Logstash – create logstash-simple.conf in the folder below:
C:\Users\Sandeep Rana\Documents\LogAnalysis\logstash-6.2.1\bin\logstash-simple.conf
    input {
      # Tail the application log; "beginning" reads the whole file on first run
      file {
        path => "C:/Users/Sandeep Rana/Documents/workspace/log/system.log"
        start_position => "beginning"
      }
    }
    output {
      # Ship events to the local Elasticsearch node, into the "log" index
      elasticsearch {
        hosts => ["localhost:9200"]
        index => "log"
      }
      # Also echo each event to the console for debugging
      stdout { codec => rubydebug }
    }
Elasticsearch – update elasticsearch.yml in the folder below:
C:\Users\Sandeep Rana\Documents\LogAnalysis\elasticsearch-6.2.1\config\elasticsearch.yml
    # ---------------------------------- Network -----------------------------------
    #
    # Set the bind address to a specific IP (IPv4 or IPv6):
    #
    #network.host: localhost
    #
    # Set a custom port for HTTP:
    #
    #http.port: 9200
    #
    # For more information, consult the network module documentation.
Kibana – update kibana.yml in the folder below:
C:\Users\Sandeep Rana\Documents\LogAnalysis\kibana-6.2.1-windows-x86_64\config\kibana.yml
    # The URL of the Elasticsearch instance to use for all your queries.
    #elasticsearch.url: "http://localhost:9200"
Then start Elasticsearch and Kibana from their bin folders using their .bat files.
Then start Logstash from its bin folder with the command below:
    logstash -f logstash-simple.conf
Open Kibana by visiting the URL below in the browser:
    http://localhost:5601/
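As an added example that is not part of the original post, here is a small Python pre-flight check for the three files above. It reads the active (uncommented) bind settings in elasticsearch.yml and kibana.yml, flags a non-loopback bind (nothing in this walkthrough turns on authentication, so a node reachable from other hosts is open to them), and confirms the log path named in logstash-simple.conf exists. The file paths are the ones used in this post and are assumptions for your machine.

```python
"""Pre-flight check for the ELK configs in this walkthrough (added example)."""
import ipaddress
import re
from pathlib import Path

# Values that keep a service on the local machine only. None means "setting
# not set", which is the default (loopback) for both Elasticsearch and Kibana.
LOOPBACK_NAMES = {"localhost", "_local_", "127.0.0.1", "::1"}

def yaml_setting(text, key):
    """Return the active value for `key` in a flat YAML file, or None.
    Lines like '#network.host: localhost' are comments and are ignored."""
    for line in text.splitlines():
        m = re.match(r"^\s*" + re.escape(key) + r"\s*:\s*(.+?)\s*$", line)
        if m:
            return m.group(1).strip("\"'")
    return None

def is_loopback_only(value):
    """True if a bind setting keeps the listener on loopback (unset counts)."""
    if value is None or value in LOOPBACK_NAMES:
        return True
    try:
        return ipaddress.ip_address(value).is_loopback
    except ValueError:          # hostnames, lists such as [_local_, _site_]
        return False

def logstash_file_paths(conf_text):
    """Every path => "..." declared in a Logstash file input."""
    return re.findall(r'path\s*=>\s*"([^"]+)"', conf_text)

def check_stack(es_yml, kibana_yml, logstash_conf, path_exists=Path.exists):
    """Return a list of findings; an empty list means the setup looks sane."""
    findings = []
    if not is_loopback_only(yaml_setting(es_yml, "network.host")):
        findings.append("elasticsearch: network.host is not loopback; "
                        "port 9200 is reachable from other hosts")
    if not is_loopback_only(yaml_setting(kibana_yml, "server.host")):
        findings.append("kibana: server.host is not loopback; "
                        "port 5601 is reachable from other hosts")
    for p in logstash_file_paths(logstash_conf):
        if not path_exists(Path(p)):
            findings.append(f"logstash: input path does not exist: {p}")
    return findings

if __name__ == "__main__":
    base = Path(r"C:\Users\Sandeep Rana\Documents\LogAnalysis")   # from the post
    es = (base / "elasticsearch-6.2.1/config/elasticsearch.yml").read_text()
    kb = (base / "kibana-6.2.1-windows-x86_64/config/kibana.yml").read_text()
    ls = (base / "logstash-6.2.1/bin/logstash-simple.conf").read_text()
    print("\n".join(check_stack(es, kb, ls)) or "OK: loopback-only, log path present")
```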