I tried using the getting started guide, and knew I was in trouble when they had me downloading shakespeare.json. Why does every IT person think that other IT people are “cultured” and would be interested in Shakespeare as a datasource for a POC?
Regardless, like most people doing such a POC, I have a /var/log/messages file I would like to index. This POC does that.
[root@cmhlcarchapp01 elasticsearch-1.5.2]# bin/elasticsearch -d
[root@cmhlcarchapp01 logstash-1.5.0]# cat conf/logstash.conf
input {
  file {
    type => "logstash"
    path => "/var/log/messages"
  }
}
output {
  elasticsearch {
    host => localhost
  }
}
[root@cmhlcarchapp01 logstash-1.5.0]# bin/logstash -f conf/logstash.conf
[root@cmhlcarchapp01 logstash-1.5.0]# bin/kibana
After doing this, I found entries being indexed after a while as shown below…
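
One likely reason entries only show up "after a while" is that Logstash's file input tails the file by default, so only lines written after startup are shipped. The following is an added example (not the author's config) that also reads the existing contents of /var/log/messages and splits each line into searchable fields. The type name "syslog" and the syslog_* field names are illustrative choices, and the option names assume Logstash 1.5.x.

```conf
# Added example, not the author's config. Assumes Logstash 1.5.x option names.
input {
  file {
    type           => "syslog"              # illustrative type name
    path           => "/var/log/messages"
    # Default is "end" (tail only). "beginning" also ships lines already in
    # the file the first time Logstash sees it; later runs resume from the
    # position recorded in the sincedb file.
    start_position => "beginning"
  }
}

filter {
  if [type] == "syslog" {
    # Split "May  4 10:15:01 host program[pid]: text" into separate fields.
    # Lines that do not match are still indexed, tagged _grokparsefailure.
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
    }
    # Use the time written in the log line as @timestamp instead of the time
    # Logstash read the line, so back-filled entries sort correctly in Kibana.
    date {
      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}

output {
  elasticsearch {
    host => "localhost"
  }
}
```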
