Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Logstash XpoLog Integration

XpoLog’s architecture allows receiving data sent by logstash, using XpoLog's logstash output. In order to do this, a Syslog listener account should be created in XpoLog for receiving the data on a specific network port, and the XpoLog logstash output should be sending data to this listener. 

 

Technical Details

XpoLog’s logstash output is a Ruby file that implements the logstash output functionality. The data that is sent by the output to the XpoLog listener is stored in logs and is available for searching, monitoring and analysis.

 

Setup

Note that in order for XpoLog to receive information sent from logstash, you should have an XpoLog Syslog listener configured and running. For more information about setting up a Syslog listener, click here

  1. Download XpoLog's logstash output: xpolog.rb
  2. Copy the xpolog.rb file you have downloaded to the lib/logstash/outputs directory, located under the logstash root directory
  3. Configure the xpolog output according to the available configuration
  4. Start XpoLog's logstash output

 

XpoLog's logstash output configuration

The following is an example of the structure of the xpolog output element.

output {
    xpolog {
        host => "localhost"
        port => 514
        protocol => "udp"
        logname => "my-log"
        procid => "1"
                logparameters => {
                    xpologPath => "Root->logstash>my->localhostfolder"
            pattern => "[{date:Date,dd/MMM/yyyy:HH:mm:ss}:Date] [{text:Thread}] {string:Message}"
                }
    }
}

  The following table describes the parameters of output element. 

...