Logstash on windows

Just a test run, download logstash v.v.v.

Running Logstash on Windows | Logstash Reference [8.3] | Elastic

https://www.coretechnologies.com/products/AlwaysUp/Apps/InstallLogstashAsAWindowsService.html

To install Logstash as a Windows Service:

If necessary, download, install and configure Logstash.

You can grab the Logstash zip file from the Elastic web site and expand its contents to a location of your choice. Note that we have placed the software in C:\Logstash and we’ll use that folder throughout this tutorial.

Ensure that Logstash starts properly when you run the “logstash.bat” file with the full path to your configuration file. For example, if your config file is called “C:\Logstash\logstash.conf”, then try running this from Logstash bin folder:

logstash.bat -f C:\Logstash\logstash.conf

Our example

Logstash is downloaded, now let’s make a simple config and start it.

# read a file on change and update out file
input {
    file {
        path => "C:/Logstash/test.txt"
        sincedb_path => "C:/Logstash/null"
        start_position => "beginning"
        file_completed_action => "log"
        file_completed_log_path => "C:/Logstash/log.log"
        }
}

output {
    file {
    path => "C:/Logstash/outfile.txt"
    #codec => "json"
    }
}

Run it

PS C:\WINDOWS\system32> C:\Logstash\logstash-8.3.3-windows-x86_64\logstash-8.3.3\bin\logstash.bat -f C:\Logstash\logstash-8.3.3-windows-x86_64\logstash-8.3.3\config\test_conf.conf

The file is now empty and logstash is started and waiting for changes

If we vist the API endpoint, we get some meta information

localhost:9600

{"host":"hostname","version":"8.3.3","http_address":"127.0.0.1:9600","id":"a long id","name":"hostname","ephemeral_id":"a long id","status":"green","snapshot":false,"pipeline":{"workers":8,"batch_size":125,"batch_delay":50},"build_date":"2022-07-23T19:31:54Z","build_sha":"0205f0c5f2ff21118c161e769e8f2bbb79ee81a3","build_snapshot":false}

After start, the two new files are created.

Now lets add some text in the test.txt, the output.txt should be created.

# In the test.txt add a line with text and press enter to go no next line, then save it.
test new entry 1

Here the setp is done, and logstash picks it up and makes the new file for us with the entry.

Result