Reputation: 6969
Should I use elastic search for logging without logstash
I'm planning on using Elasticsearch to log all my application activities (like an audit log).
Considering how I have direct control over the application, should I directly push the data into Elasticsearch using their REST APIs or should I somehow use Logstash to feed data into Elasticsearch?
Is there any reason I should use Logstash when I can directly push data into Elasticsearch? It's an additional layer to manage.
Upvotes: 9
Views: 1878
Answers (1)
Reputation: 3839
If you need to parse different log formats (eventlog, syslog and so on), support different transports (UDP, TCP and so on) and log outputs use Logstash. If http is good for you and you collect logs only from one application use ES directly. Logstash is an additional tool. Details are here.
Upvotes: 8
Related Questions
- direct logging on elasticsearch vs using logstash and filebeat
- Should I use Java or Logstash to index db content in Elastic Search?
- What's the advantage of using Logstash in ELK Stack?
- ELK stack (Elasticsearch, Logstash, Kibana) - is logstash a necessary component?
- Should I use elasticsearch for audit logs?
- Why install logstash if I can just send the data through REST to elasticsearch?
- Kibana + Elasticsearch without Logstash possible?
- Amazon Web Services - S3 - Logstash or Lambda to channel data into Elasticsearch?
- Logstash-Elastic search
- Elasticsearch for logging - need architectural advice