-
Notifications
You must be signed in to change notification settings - Fork 1
/
logstash-forwarder-installer.sh
63 lines (54 loc) · 1.38 KB
/
logstash-forwarder-installer.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/bash
cd /tmp;
# Change the IP to the Logstash server
IP=0.0.0.0
# getting the certificate
scp $IP:/etc/pki/tls/certs/logstash-forwarder.crt /tmp
mkdir -p /etc/pki/tls/certs
cp /tmp/logstash-forwarder.crt /etc/pki/tls/certs/
# Getting the deb file for 64bits
wget https://github.com/Siljanovski/elasticsearch/raw/master/logstash-forwarder_0.3.1_amd64.deb
dpkg -i logstash-forwarder_0.3.1_amd64.deb
# Creating logstash-forwarder Daemon
cd /etc/init.d/;
wget https://raw.githubusercontent.com/Siljanovski/elasticsearch/master/logstash-forwarder -O logstash-forwarder;
chmod +x logstash-forwarder;
update-rc.d logstash-forwarder defaults;
# creating configuration file
touch /etc/logstash-forwarder;
echo '{
"network": {
"servers": [ "$IP:5000" ],
"timeout": 15,
"ssl ca": "/etc/pki/tls/certs/logstash-forwarder.crt"
},
"files": [
{
"paths": [
"/srv/log/syslog",
"/srv/log/auth.log"
],
"fields": { "type": "syslog" }
},
{
"paths": [
"/srv/log/nginx/*.access.log"
],
"fields": { "type": "nginx-access" }
},
{
"paths": [
"/srv/log/nginx/*.error.log"
],
"fields": { "type": "nginx-error" }
},
{
"paths": [
"/srv/log/nodejs/*.log"
],
"fields": { "type": "nodejs" }
}
]
}
' > /etc/logstash-forwarder
service logstash-forwarder start