Hello All,
Im fresh off the boat with OpenSearch/Opensearch-Dashboards. I been running Graylog for some time now and have played around with Elk-Stack and OpenDistro for Elasticsearch.
I just finish a full installation with Opensearch/Dashboards-2.6.0 & Logstash on Ubuntu 20.0.4. This is not an issue but was looking for some opinions.
With my Google Foo, I could not find a way to have logstash as a service, well none I could find beside downloading it from Elastic web site.
For some reason, not sure , I was having issues. So I used Opensearch Documentation but it just showed a script to execute. As a n00b I was testing configuration to see what worked and this was a pain in my @$$, so i decided to look for a way to turn Logstash into a service. Hope this will help someone later on.
Make the service file.
root # vim /etc/systemd/system/logstash.service
Add the following to the file.
[Unit]
Description=logstash
[Service]
Type=simple
User=root
Group=root
# Load env vars from /etc/default/ and /etc/sysconfig/ if they exist.
# Prefixing the path with '-' makes it try to load, but if the file doesn't
# exist, it continues onward.
EnvironmentFile=-/opt/logstash-8.6.1/
ExecStart=/opt/logstash-8.6.1/bin/logstash -f /opt/logstash-8.6.1/config/logstash.conf
WorkingDirectory=/opt/logstash-8.6.1/
Restart=always
Nice=19
LimitNOFILE=16384
# When stopping, how long to wait before giving up and sending SIGKILL?
# Keep in mind that SIGKILL on a process can cause data loss.
TimeoutStopSec=infinity
[Install]
WantedBy=multi-user.target
Execute:
sudo systemctl daemon-reload
sudo systemctl enable logstash
sudo systemctl start logstash
Results:
No issues but if anyone has a better idea/suggestion , im listen.
Thanks