...
Logstash XpoLog Integration
XpoLog’s architecture allows it to receive data sent by logstash through XpoLog's logstash output. To do this, create a Syslog listener account in XpoLog that receives the data on a specific network port, and configure the XpoLog logstash output to send data to this listener.
Technical Details
XpoLog’s logstash output is a Ruby file that implements the logstash output functionality. The data that is sent by the output to the XpoLog listener is stored in logs and is available for searching, monitoring and analysis.
Setup
Note that for XpoLog to receive information sent from logstash, you must have an XpoLog Syslog listener configured and running. For more information about setting up a Syslog listener, see the XpoLog Syslog listener documentation.
- Download XpoLog's logstash output: xpolog.rb
- Copy the xpolog.rb file you have downloaded to the lib/logstash/outputs directory, located under the logstash root directory
- Configure the xpolog output according to the available configuration
- Start XpoLog's logstash output
XpoLog's logstash output configuration
The following is an example of the structure of the xpolog output element.
output {
  xpolog {
    host => "localhost"
    port => 514
    protocol => "udp"
    logname => "my-log"
    procid => "1"
    logparameters => {
      xpologPath => "Root->logstash>my->localhostfolder"
      pattern => "[{date:Date,dd/MMM/yyyy:HH:mm:ss}:Date] [{text:Thread}] {string:Message}"
    }
  }
}
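A smoke test for the listener side of this setup, added here as an example (it is not XpoLog's code and not part of xpolog.rb): it sends one test event over UDP using the host, port, logname and procid from the configuration above. The RFC 5424 framing, the reading of the pattern as `[date] [thread] message`, the `--send` switch and all function names are assumptions.

```ruby
require "socket"
require "time"

# Values copied from the xpolog output example on this page.
XPOLOG = { host: "localhost", port: 514, logname: "my-log", procid: "1" }.freeze

# Assumed reading of the page's pattern: "[dd/MMM/yyyy:HH:mm:ss] [Thread] Message".
LINE_RE = %r{\A\[\d{2}/[A-Z][a-z]{2}/\d{4}:\d{2}:\d{2}:\d{2}\] \[[^\]]+\] .+\z}

# Build the log line that the listener's pattern is expected to parse.
def pattern_line(time, thread, message)
  # Replace CR/LF so a field value cannot start a second, forged record.
  clean = ->(s) { s.to_s.gsub(/[\r\n]+/, " ") }
  # Brackets are dropped from the thread name so the "[Thread]" field stays delimited.
  "[#{time.strftime('%d/%b/%Y:%H:%M:%S')}] [#{clean.(thread).delete('[]')}] #{clean.(message)}"
end

# Wrap the line in an RFC 5424 header (assumed framing, not taken from xpolog.rb).
# PRI 134 = facility local0 (16) * 8 + severity informational (6).
def syslog_frame(line, time, cfg = XPOLOG, hostname = Socket.gethostname)
  "<134>1 #{time.getutc.iso8601} #{hostname} #{cfg[:logname]} #{cfg[:procid]} - - #{line}"
end

# Send one datagram to the listener and return what was sent.
# UDP gives no delivery confirmation, so confirm arrival by searching XpoLog
# for the marker text.
def send_test_event(cfg = XPOLOG, now = Time.now)
  frame = syslog_frame(pattern_line(now, "smoke-test", "xpolog listener check"), now, cfg)
  sock = UDPSocket.new
  sock.send(frame, 0, cfg[:host], cfg[:port])
  frame
ensure
  sock&.close
end

# Only touch the network when asked to: ruby smoke_test.rb --send
puts send_test_event if ARGV.include?("--send")
```

If the event does not appear in the log named by `logname`, check that the listener is bound to the same port and protocol as the output before looking at the pattern.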
The following table describes the parameters of the output element.
...