Access Logstash:
Pipelines are run via CLI.
Run pipelines as logstash
user, not root.
Example:
sudo -u logstash /usr/share/logstash/bin/logstash -e "input { stdin { } } output { stdout { } }"
Wait for the pipeline to start. Once running, type input and observe the processed output.
Important Directories:
- Config:
/etc/logstash
- Data:
/var/lib/logstash
- Logs:
/var/log/logstash
- Binaries:
/usr/share/logstash/bin
Manage Logstash Service:
Use systemctl
to manage the Logstash service:
systemctl status logstash
systemctl restart logstash
systemctl stop logstash
systemctl start logstash