Logstash data into Opensearch

Can anyone tell me how to push Logstash data into OpenSearch?

Are you looking for a plugin to output data to opensearch?
Maybe this is what you’re looking for?

Works fancy for me on Opensearch 2.1.0 / Logstash 7.16

GitHub - opensearch-project/logstash-output-opensearch: A Logstash plugin that sends event data to a OpenSearch clusters and stores as an index.

Hi @Prem - welcome to our community.

I’m afraid the question is probably best answered by making it a bit more specific. Are you having trouble installing logstash with the opensearch output plugin? Are you having trouble creating your own valid configuration file? Does it seem to be working but you’re not seeing data in OpenSearch?

If you could provide us with a bit more information, I’d sure love to help.

Nate

Can you explain how to run this on my computer (macOS)?

Yeah… I am having trouble creating the Logstash configuration file/pipeline.conf. If possible, can you tell me in detail, step by step from scratch, so that it will be easy for me to avoid any more confusion? My platform is macOS.

Hey, sorry for not replying in a long time. Can you provide your current conf and pipeline if the question is still active?

I think the most simple pipeline configuration is one that uses stdin as the input and then stdout as an output. Consider this:

input { stdin { } }
output { stdout { codec => rubydebug } }

In all fairness, I’m mostly summarizing what I’m seeing at Creating a Logstash pipeline | Logstash Reference [8.4] | Elastic - Logstash is an Elastic product. Consider some of their configuration examples here: Logstash configuration examples | Logstash Reference [8.4] | Elastic

The small example above doesn’t communicate with anything remotely just yet. I wanted to show you the general syntax of the pipeline. There’s an input and an output section at the least. If you were to run logstash with this configuration, it would wait for input to be typed or pasted in, and it would immediately be passed through the output plugin (in this case stdout - in other words, the screen).

To log data to OpenSearch (once you have the opensearch output plugin installed) you can follow the syntax of using an opensearch output instead of stdout.

The readme of the opensearch output in logstash project has some good configuration examples to start with as well: GitHub - opensearch-project/logstash-output-opensearch: A Logstash plugin that sends event data to a OpenSearch clusters and stores as an index.
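An added example, not part of the posts above and not copied from the plugin's README: a pipeline.conf that keeps the stdin/stdout pipeline and adds an opensearch output over TLS. The host, index name, CA file path and environment variable names are placeholders to replace with your own values.

```logstash
# pipeline.conf (added example; host, index, CA path and variable names are placeholders)
# Install the output plugin once:  bin/logstash-plugin install logstash-output-opensearch
# Run the pipeline:                bin/logstash -f pipeline.conf

input {
  # Same as the minimal example: each line typed or pasted in becomes one event.
  stdin { }
}

output {
  # Keep printing events to the screen so you can see exactly what is being sent.
  stdout { codec => rubydebug }

  opensearch {
    # OpenSearch listens on HTTPS when its security plugin is enabled.
    hosts    => ["https://localhost:9200"]

    # One index per day; %{+YYYY.MM.dd} is filled in from the event timestamp.
    index    => "logstash-demo-%{+YYYY.MM.dd}"

    # ${VAR} is replaced with the environment variable's value when Logstash starts,
    # so the credentials do not have to be written into the file.
    user     => "${OPENSEARCH_USER}"
    password => "${OPENSEARCH_PASSWORD}"

    # Verify the server certificate against the CA that signed it.
    ssl      => true
    cacert   => "/path/to/root-ca.pem"
    ssl_certificate_verification => true
  }
}
```

Export OPENSEARCH_USER and OPENSEARCH_PASSWORD in the shell before starting Logstash, and run the bin/ commands from the directory where Logstash is installed.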

I can also help, but I need more information and examples of what you want to do.
Here I use Logstash as a Docker image and it works fine.
I run several pipelines and several confs.