Hello Ryan,

I am trying to build the same type of application (device log collecting) 
and I'm also very new to logstash and elasticsearch.
I'm having a hard time setting up a lab environment that can sustain the 
load (2000 logs/sec, 1024ko logs) and only 60% of the logs are indexed (I 
count the number of lucene documents).

So maybe you can give me a few tips or advice on how you tuned your 
environment.

How do you start logstash? Just with the script provided in the project?
Are you using the syslog plugin to listen on port 514?
How many elasticsearch nodes do you have? 

I would really appreciate it if you could take some time to share your 
experience on this.

Thank you,

Antoine Brun

On Wednesday, 29 May 2013 03:10:12 UTC+2, Ryan Palamara wrote:
>
> I am using Elasticsearch combined with Logstash and Kibana for collecting 
> log data from a number of different network devices. I just set it up in 
> the past few days and so far it has been handling the load wonderfully. I 
> would like to set up alerts for certain events that can be taken from the 
> logs. Things like getting an alert after a certain amount of events in a 
> time period or alerts for certain log events.
>
> Now I am very new at this and have been searching through for some way to 
> do this, but was hoping that someone could help point me in the right 
> direction.
>
