{"id":34,"date":"2014-10-08T02:42:00","date_gmt":"2014-10-08T02:42:00","guid":{"rendered":"http:\/\/www.asianux.org.vn\/index.php\/2014\/10\/08\/centralized-logs-management-with-logtash-elasticsearch-and-redis\/"},"modified":"2014-10-08T02:42:00","modified_gmt":"2014-10-08T02:42:00","slug":"centralized-logs-management-with-logtash-elasticsearch-and-redis","status":"publish","type":"post","link":"https:\/\/www.asianux.org.vn\/index.php\/2014\/10\/08\/centralized-logs-management-with-logtash-elasticsearch-and-redis\/","title":{"rendered":"Centralized Logs Management with Logtash, ElasticSearch, and Redis"},"content":{"rendered":"<p><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Deploying a<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Centralized Logs Management System<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span>&nbsp;<\/span>seems very easy these days with such these great tools:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Logtash<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">: collect logs, index logs, process logs, and ship logs<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Redis<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">: receive logs from logs shippers<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">ElasticSearch<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">: store logs<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMo\nno, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Kibana<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">: web interface with graphs, tables&#8230;<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">We will implement the logs management system as the following architecture:<\/span><\/p>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; clear: both; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><a href=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/logstach-archi.png\" style=\"color: #888888; margin-left: 1em; margin-right: 1em; text-decoration: none;\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" height=\"340\" src=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/logstach-archi-300x160.png\" style=\"-webkit-box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; background: rgb(255, 255, 255); border: 1px solid rgb(238, 238, 238); box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; padding: 5px; position: relative;\" width=\"640\" alt=\"\" title=\"\"><\/a><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span style=\"font-size: xx-small;\"><i>(based on this article:<span>&nbsp;<\/span><a href=\"http:\/\/michael.bouvy.net\/blog\/en\/2013\/11\/19\/collect-visualize-your-logs-logstash-elasticsearch-redis-kibana\/\" style=\"color: #888888; text-decoration: none;\" target=\"_blank\" rel=\"noopener\">http:\/\/michael.bouvy.net\/blog\/en\/2013\/11\/19\/collect-visualize-your-logs-logstash-elasticsearch-redis-kibana\/<\/a>)<\/i><\/span><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">In&nbsp; this tutorial, I only deploy<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">one shipper<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span>&nbsp;<\/span>(nginx logs of my Django app) on one machine, and<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">one server<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span>&nbsp;<\/span>to play as logs indexer (redis, logstash, elasticsearch, kibana):<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px;\n text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">1.<span>&nbsp;<\/span><\/b><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><b>On the<span>&nbsp;<\/span><span style=\"color: #073763;\">indexer server, i<\/span><\/b>nstall and run<span>&nbsp;<\/span><span style=\"color: #cc0000;\">Redis<\/span>:&nbsp;<\/b><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><a href=\"http:\/\/iambusychangingtheworld.blogspot.com\/2013\/11\/install-redis-and-run-as-service.html\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #888888; font-family: &#039;Courier New&#039;, Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" target=\"_blank\" rel=\"noopener\">http:\/\/iambusychangingtheworld.blogspot.com\/2013\/11\/install-redis-and-run-as-service.html<\/a><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">2. O<\/b><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><b>n the<span>&nbsp;<\/span><span style=\"color: #073763;\">indexer server, i<\/span><\/b>nstall and run<span>&nbsp;<\/span><span style=\"color: #38761d;\">ElasticSearch<\/span><span style=\"color: #073763;\"><\/span>:<\/b><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo aptitude install openjdk-6-jre<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ wget https:\/\/download.elasticsearch.org\/elasticsearch\/elasticsearch\/elasticsearch-0.90.7.deb<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo dpkg -i elasticsearch<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br styl\ne=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">3. O<\/b><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><b>n the<span>&nbsp;<\/span><span style=\"color: #073763;\">indexer server,<span>&nbsp;<\/span><\/span><\/b>download, create config and run<span>&nbsp;<\/span><span style=\"color: #bf9000;\">Logtash<\/span><span>&nbsp;<\/span>to get log from<span>&nbsp;<\/span><span style=\"color: #cc0000;\">Redis<\/span><span>&nbsp;<\/span>and store them to<span>&nbsp;<\/span><span style=\"color: #38761d;\">ElasticSearch<\/span>:<\/b><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Download Logtash:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo mkdir \/opt\/logstash \/etc\/logstash<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo cd \/opt\/logstash<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo wget https:\/\/download.elasticsearch.org\/logstash\/logstash\/logstash-1.2.2-flatjar.jar<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Create Logtash config file<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New',\nCourier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">\/etc\/logstash\/logstash-indexer.conf<\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span>&nbsp;<\/span>with the following content:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>input {<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; redis {<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; host =&gt; &#8220;127.0.0.1&#8221;<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; data_type =&gt; &#8220;list&#8221;<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; key =&gt; &#8220;logstash&#8221;<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; codec =&gt; json<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-vari\nant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>}<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>output {<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; elasticsearch {<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; embedded =&gt; true<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>}<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Run Logstash, this will also activate the Kibana web interface on port 9292:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ java -jar \/opt\/logstash\/logstash-1.2.2-flatjar.jar agent -f \/etc\/logstash\/logstash-indexer.conf &#8212; web<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-colo\nr: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">&nbsp;4. On the<span>&nbsp;<\/span><span style=\"color: #073763;\">shipper machine<\/span><span>&nbsp;<\/span>(my computer), download Logstash, and create config file for Logtash to copy my Django app&#8217;s logs to the<span>&nbsp;<\/span><span style=\"color: #073763;\">indexer server<\/span>:<\/b><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Download Logstash:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo mkdir \/opt\/logstash \/etc\/logstash<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo cd \/opt\/logstash<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ sudo wget https:\/\/download.elasticsearch.org\/logstash\/logstash\/logstash-1.2.2-flatjar.jar<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Create a config file at<span>&nbsp;<\/span><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">\/etc\/logstash\/logstash-shipper.conf<span>&nbsp;<\/span><\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">for Logstash to copy logs file redis at the indexer server:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, Fr\neeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #0b5394; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i>input {<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; file {<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; path =&gt; &#8220;\/home\/projects\/logs\/*ecap.log&#8221;<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; type =&gt; &#8220;nginx&#8221;<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br \/>}<br \/>output {<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; redis {<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; host =&gt; &#8220;indexer.server.ip&#8221;<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; data_type =&gt; &#8220;list&#8221;<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; key =&gt; &#8220;logstash&#8221;<br \/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br \/>}<\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">+ Run Logstash:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><i><b>$ java -jar \/opt\/logstash\/logstash-1.2.2-flatjar.jar agent -f \/etc\/logstash\/logstash-shipper.conf<\/b><\/i><\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><br \/><\/b><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><\/span><b style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">5. From a random machine on my network, open browser to access the<span>&nbsp;<\/span><span style=\"color: #bf9000;\">kibana<\/span><span>&nbsp;<\/span>web interface to manage all the logs:<\/b><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; clear: both; color: black; font-family: 'Courie\nr New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><a href=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/logstash3.png\" style=\"color: #888888; margin-left: 1em; margin-right: 1em; text-decoration: none;\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" height=\"358\" src=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/logstash3-300x169.png\" style=\"-webkit-box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; background: rgb(255, 255, 255); border: 1px solid rgb(238, 238, 238); box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; padding: 5px; position: relative;\" width=\"640\" alt=\"\" title=\"\"><\/a><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">From now on, If I want to monitor any services&#8217;s logs, I just need to run a Logstash instance on the server which runs that service.<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #cc0000; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><b>But, there is one annoying thing<\/b><\/span><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">: the CPU usages on the indexer server is very high. It&#8217;s because I&#8217;m running all the services (logstash, redis, elasticsearch, kibana) on a same server, and the java processes consume a lot of CPU. Look at the following htop screenshots and you will see:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<ul style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; margin: 0.5em 0px; orphans: auto; padding: 0px 2.5em; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">\n<li style=\"margin: 0px 0px 0.25em; padding: 0px; text-indent: 0px;\">Indexer server, before running all the services:<\/li>\n<\/ul>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; clear: both; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><a href=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerbefore.png\" style=\"color: #888888; margin-left: 1em; margin-right: 1em; text-decoration: none;\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" height=\"358\" src=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerbefore-300x169.png\" style=\"-webkit-box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; background: rgb(255, 255, 255); border: 1px solid rgb(238, 238, 238); box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; padding: 5px; position: relative;\" width=\"640\" alt=\"\" title=\"\"><\/a><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<ul style=\"-webkit-text-stroke-width:\n 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; margin: 0.5em 0px; orphans: auto; padding: 0px 2.5em; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><\/p>\n<li style=\"margin: 0px 0px 0.25em; padding: 0px; text-indent: 0px;\">Indexer server, after running all the services:<\/li>\n<\/ul>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; clear: both; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><a href=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerafter.png\" style=\"color: #888888; margin-left: 1em; margin-right: 1em; text-decoration: none;\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" height=\"358\" src=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerafter-300x169.png\" style=\"-webkit-box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; background: rgb(255, 255, 255); border: 1px solid rgb(238, 238, 238); box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; padding: 5px; position: relative;\" width=\"640\" alt=\"\" title=\"\"><\/a><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">These are all listening ports on the indexer server:<\/span><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><\/p>\n<div style=\"-webkit-text-stroke-width: 0px; background-color: white; clear: both; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: center; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><a href=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerafter2.png\" style=\"color: #888888; margin-left: 1em; margin-right: 1em; text-decoration: none;\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" height=\"358\" src=\"http:\/\/onlinelab.info\/wp-content\/uploads\/2014\/10\/indexerafter2-300x169.png\" style=\"-webkit-box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; background: rgb(255, 255, 255); border: 1px solid rgb(238, 238, 238); box-shadow: rgba(0, 0, 0, 0.0980392) 1px 1px 5px; padding: 5px; position: relative;\" width=\"640\" alt=\"\" title=\"\"><\/a><\/div>\n<p><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">Some tuning on ElasticSearch maybe helpful.<span>&nbsp;<\/span><\/span><span itemprop=\"author\" itemscope=\"\" itemtype=\"http:\/\/schema.org\/Person\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><span itemprop=\"name\">Vaidas Jablonskis has a good blog post about this:<span>&nbsp;<\/span><\/span><\/span><a href=\"http:\/\/jablonskis.org\/2013\/elasticsearch-and-logstash-tuning\/\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #33aaff; font-family: &#039;Courier New&#039;, Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-decoration: underline; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" target=\"_blank\" rel=\"noopener\">http:\/\/jablonskis.org\/2013\/elasticsearch-and-logstash-tuning\/<\/a><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none\n; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><u style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\"><b>References:<\/b><\/u><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">[0]<span>&nbsp;<\/span><\/span><a href=\"http:\/\/michael.bouvy.net\/blog\/en\/2013\/11\/19\/collect-visualize-your-logs-logstash-elasticsearch-redis-kibana\/\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #888888; font-family: &#039;Courier New&#039;, Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" target=\"_blank\" rel=\"noopener\">http:\/\/michael.bouvy.net\/blog\/en\/2013\/11\/19\/collect-visualize-your-logs-logstash-elasticsearch-redis-kibana\/<\/a><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">[1]<span>&nbsp;<\/span><\/span><a href=\"http:\/\/logstash.net\/docs\/1.2.2\/tutorials\/getting-started-centralized\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #888888; font-family: &#039;Courier New&#039;, Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" target=\"_blank\" rel=\"noopener\">http:\/\/logstash.net\/docs\/1.2.2\/tutorials\/getting-started-centralized<\/a><br style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" \/><span style=\"-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-family: 'Courier New', Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\">[2]<span>&nbsp;<\/span><\/span><a href=\"http:\/\/logstash.net\/docs\/1.2.2\/tutorials\/10-minute-walkthrough\/\" style=\"-webkit-text-stroke-width: 0px; background-color: white; color: #888888; font-family: &#039;Courier New&#039;, Courier, FreeMono, monospace; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.4799995422363px; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;\" target=\"_blank\" rel=\"noopener\">http:\/\/logstash.net\/docs\/1.2.2\/tutorials\/10-minute-walkthrough\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Deploying a&nbsp;Centralized Logs Management System&nbsp;seems very easy these days with such these great tools:+&nbsp;Logtash: collect logs, index logs, process logs, and ship logs+&nbsp;Redis: receive logs from logs shippers+&nbsp;ElasticSearch: store logs+&nbsp;Kibana: web interface with graphs, tables&#8230;We&hellip;<\/p>\n","protected":false},"author":1,"featured_media":82,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,9],"tags":[],"class_list":["post-34","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-monitoring","category-solution"],"_links":{"self":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts\/34","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/comments?post=34"}],"version-history":[{"count":0,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/posts\/34\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/media?parent=34"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/categories?post=34"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.asianux.org.vn\/index.php\/wp-json\/wp\/v2\/tags?post=34"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}