Hi Oneti,

Yes, you can use omelasticsearch and index logs directly from rsyslog to ES. No need for Logstash. We have some documentation about how to index logs into Logsene over at https://sematext.atlassian.net/wiki/display/PUBLOGSENE/Sending+Events+to+Logsene and the piece that sounds like you may be after is at https://sematext.atlassian.net/wiki/display/PUBLOGSENE/rsyslog .

You should be able to use pretty much all the information there to index your logs to your own ES cluster.

Otis
--
Performance Monitoring * Log Analytics * Search Analytics
Solr & Elasticsearch Support * http://sematext.com/

On Monday, July 14, 2014 3:54:37 AM UTC-4, Oneti Messo wrote:
> I am new to this subject. I noticed that Rsyslog also has an elasticsearch
> output module for sending traditional syslog and other application logs
> (i.e., tail -f any text file) to elasticsearch directly. Does that mean I
> can skip the logstash middleman and create a system using just elasticsearch
> and kibana?
>
> Oneti Messo
