Logstash Introduction

https://www.cnblogs.com/aresxin/p/8035137.html

Elasticsearch是个开源分布式搜索引擎，提供搜集、分析、存储数据三大功能。它的特点有：分布式，零配置，自动发现，索引自动分片，索引副本机制，restful风格接口，多数据源，自动搜索负载等。

Logstash 主要是用来日志的搜集、分析、过滤日志的工具，支持大量的数据获取方式。一般工作方式为c/s架构，client端安装在需要收集日志的主机上，server端负责将收到的各节点日志进行过滤、修改等操作在一并发往elasticsearch上去。

Kibana 也是一个开源和免费的工具，Kibana可以为 Logstash 和 ElasticSearch 提供的日志分析友好的 Web 界面，可以帮助汇总、分析和搜索重要数据日志。

https://www.elastic.co/guide/en/logstash/current/introduction.html

Logstash is an open source data collection engine with real-time pipelining capabilities.

Logstash can dynamically unify data from disparate sources and normalize the data into destinations of your choice.

Cleanse and democratize all your data for diverse advanced downstream analytics and visualization use cases.

While Logstash originally drove innovation in log collection, its capabilities extend well beyond that use case.

Any type of event can be enriched and transformed with a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process.

Logstash accelerates your insights by harnessing a greater volume and variety of data.

The Power of Logstash

The ingestion workhorse for Elasticsearch and more

Horizontally scalable data processing pipeline with strong Elasticsearch and Kibana synergy协同

Pluggable pipeline architecture

Mix, match, and orchestrate different inputs, filters, and outputs to play in pipeline harmony

Community-extensible and developer-friendly plugin ecosystem

Over 200 plugins available, plus the flexibility of creating and contributing your own

Logstash Loves Data

Collect more, so you can know more. Logstash welcomes data of all shapes and sizes.

Logs and Metrics

Where it all started.

Handle all types of logging data
- Easily ingest a multitude of web logs like Apache, and application logs like log4j for Java
- Capture many other log formats like syslog, networking and firewall logs, and more
Enjoy complementary secure log forwarding capabilities with Filebeat
Collect metrics from Ganglia, collectd, NetFlow, JMX, and many other infrastructure and application platforms over TCP and UDP

Choose Your Stash

Route your data where it matters most. Unlock various downstream analytical and operational use cases by storing, analyzing, and taking action on your data.

Analysis

Elasticsearch
Data stores such as MongoDB and Riak

Archiving

HDFS
S3

Monitoring

Nagios
Ganglia
Zabbix
Graphite
Datadog
CloudWatch

Alerting

Watcher with Elasticsearch
Email
Pagerduty
IRC
SNS

转载于:https://www.cnblogs.com/chucklu/p/10559174.html