Rectangle 27 0

Install Logstash Forwarder Package

On Client Server, create run the following command to import the Elasticsearch public GPG key into rpm:

sudo rpm --import http://packages.elasticsearch.org/GPG-KEY-elasticsearch

Create and edit a new yum repository file for Logstash Forwarder:

sudo vi /etc/yum.repos.d/logstash-forwarder.repo

Add the following repository configuration:

[logstash-forwarder]

name=logstash-forwarder repository

baseurl=http://packages.elasticsearch.org/logstashforwarder/centos

gpgcheck=1

gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch

enabled=1

Save and exit.

Then install the Logstash Forwarder package:

sudo yum -y install logstash-forwarder

Now copy the Logstash server's SSL certificate into the appropriate location (/etc/pki/tls/certs):

sudo cp /tmp/logstash-forwarder.crt /etc/pki/tls/certs/
Logging Nginx Monitoring CentOS
Rectangle 27 0

Install Logstash

The Logstash package shares the same GPG Key as Elasticsearch, and we already installed that public key, so let's create and edit a new Yum repository file for Logstash:

sudo vi /etc/yum.repos.d/logstash.repo

Add the following repository configuration:

[logstash-1.5]

name=logstash repository for 1.5.x packages

baseurl=http://packages.elasticsearch.org/logstash/1.5/centos

gpgcheck=1

gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch

enabled=1

Save and exit.

Install Logstash 1.5 with this command:

sudo yum -y install logstash

Logstash is installed but it is not configured yet.

Logging Nginx Monitoring CentOS
Rectangle 27 0

Set Up Logstash Forwarder (Add Client Servers)

Do these steps for each Ubuntu or Debian server that you want to send logs to your Logstash Server. For instructions on installing Logstash Forwarder on Red Hat-based Linux distributions (e.g. RHEL, CentOS, etc.), refer to the Build and Package Logstash Forwarder section of the CentOS variation of this tutorial.

Logging Nginx Monitoring Ubuntu
Rectangle 27 0

Set Up Logstash Forwarder (Add Client Servers)

Do these steps for each CentOS or RHEL 7 server that you want to send logs to your Logstash Server. For instructions on installing Logstash Forwarder on Debian-based Linux distributions (e.g. Ubuntu, Debian, etc.), refer to the Build and Package Logstash Forwarder section of the Ubuntu variation of this tutorial.

Logging Nginx Monitoring CentOS
Rectangle 27 0

Install Logstash

The Logstash package is available from the same repository as Elasticsearch, and we already installed that public key, so let's create the Logstash source list:

echo 'deb http://packages.elasticsearch.org/logstash/1.5/debian stable main' | sudo tee /etc/apt/sources.list.d/logstash.list

Update your apt package database:

sudo apt-get update

Install Logstash with this command:

sudo apt-get install logstash

Logstash is installed but it is not configured yet.

Logging Nginx Monitoring Ubuntu
Rectangle 27 0

Install Logstash Forwarder Package

On Client Server, create the Logstash Forwarder source list:

echo 'deb http://packages.elasticsearch.org/logstashforwarder/debian stable main' | sudo tee /etc/apt/sources.list.d/logstashforwarder.list

It also uses the same GPG key as Elasticsearch, which can be installed with this command:

wget -O - http://packages.elasticsearch.org/GPG-KEY-elasticsearch | sudo apt-key add -

Then install the Logstash Forwarder package:

sudo apt-get update

sudo apt-get install logstash-forwarder

Note: If you are using a 32-bit release of Ubuntu, and are getting an "Unable to locate package logstash-forwarder" error, you will need to install Logstash Forwarder manually.

Now copy the Logstash server's SSL certificate into the appropriate location (/etc/pki/tls/certs):

sudo mkdir -p /etc/pki/tls/certs

sudo cp /tmp/logstash-forwarder.crt /etc/pki/tls/certs/
Logging Nginx Monitoring Ubuntu