An easily-deployable stack of Elasticsearch, Logstash, and Kibana which can scale on your own BOSH-managed infrastructure.
First make sure you have properly targeted your existing BOSH director. Then you can upload the latest logsearch release...
git clone https://github.com/cloudfoundry-community/logsearch-boshrelease.git
cd logsearch-boshrelease
bosh upload release releases/logsearch-latest.yml
Next you'll need to create your own deployment manifest. Right now the easiest
way to do that is by using one of the examples
as a starting
point.
Then you can run the deploy...
bosh deployment my_manifest.yml
bosh deploy
Logsearch can currently receive logs over three different protocols:
- Syslog, Syslog TLS,
- RELP, and
- Lumberjack.
Depending on the protocol, you may need to configure additional properties in your deployment manifest (e.g. add certificates for Syslog TLS and Lumberjack).
If you need help getting your logs into the logsearch stack, you may find these tools useful:
- nxlog - multi-platform log collector and forwarder
- rsyslog - log collector and forwarder
- logstash-forwarder - log forwarder (using lumberjack)
By default, some filters
are pre-installed for common log formats, but eventually, you'll want to change
them or add your own application-specific log formats. Take a look at the
logsearch/logsearch-filters-common
repository for instructions
on setting up an environment for writing and testing your filters. Once written,
include your filters through the logstash_parser.filters
property.
RESTCLIENT_LOG=stdout API_URL="http://10.244.2.2" INGESTOR_HOST="10.244.2.14" bundle exec rspec