This is a plugin for Logstash.
This library is licensed under Apache License 2.0.
The following table shows the versions of logstash and logstash-output-amazon_es Plugin was built with.
logstash-output-amazon_es | Logstash |
---|---|
6.0.0 | <6.0.0 |
6.4.0 | >6.0.0 |
Also, logstash-output-amazon_es plugin versions 6.4.0 and newer are tested to be compatible with Elasticsearch 6.5 and greater.
logstash-output-amazon_es | Elasticsearch |
---|---|
6.4.0+ | 6.5+ |
To run the Logstash Output Amazon Elasticsearch Service plugin, simply add a configuration following the below documentation.
An example configuration:
output {
amazon_es {
hosts => ["foo.us-east-1.es.amazonaws.com"]
region => "us-east-1"
# aws_access_key_id and aws_secret_access_key are optional if instance profile is configured
aws_access_key_id => 'ACCESS_KEY'
aws_secret_access_key => 'SECRET_KEY'
index => "production-logs-%{+YYYY.MM.dd}"
}
}
- hosts (array of string) - the Amazon Elasticsearch Service domain endpoint (e.g.
["foo.us-east-1.es.amazonaws.com"]
) - region (string, :default => "us-east-1") - region where the domain is located
-
Credential parameters:
- aws_access_key_id, :validate => :string - optional AWS access key
- aws_secret_access_key, :validate => :string - optional AWS secret key
The credential resolution logic can be described as follows:
- User passed
aws_access_key_id
andaws_secret_access_key
inamazon_es
configuration - Environment variables -
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
(RECOMMENDED since they are recognized by all the AWS SDKs and CLI except for .NET), orAWS_ACCESS_KEY
andAWS_SECRET_KEY
(only recognized by Java SDK) - Credential profiles file at the default location (
~/.aws/credentials
) shared by all AWS SDKs and the AWS CLI - Instance profile credentials delivered through the Amazon EC2 metadata service
-
template (path) - You can set the path to your own template here, if you so desire. If not set, the included template will be used.
-
template_name (string, default => "logstash") - defines how the template is named inside Elasticsearch
-
port (string, default 443) - Amazon Elasticsearch Service listens on port 443 for HTTPS (default) and port 80 for HTTP. Tweak this value for a custom proxy.
-
protocol (string, default https) - The protocol used to connect to the Amazon Elasticsearch Service
-
max_bulk_bytes - The max size for a bulk request in bytes. Default is 20MB. It is recommended not to change this value unless needed. For guidance on changing this value, please consult the table for network limits for your instance type: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-limits.html#network-limits
After 6.4.0, users can't set batch size in this output plugin config. However, users can still set batch size in logstash.yml file.
-
To get started, you'll need JRuby with the Bundler gem installed.
-
Create a new plugin or clone and existing from the GitHub logstash-plugins organization. Example plugins exist.
-
Install dependencies:
bundle install
-
Update your dependencies:
bundle install
-
Run unit tests:
bundle exec rspec
-
Edit Logstash
Gemfile
and add the local plugin path, for example:gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
-
Install the plugin:
# Logstash 2.3 and higher bin/logstash-plugin install --no-verify # Prior to Logstash 2.3 bin/plugin install --no-verify
-
Run Logstash with your plugin:
bin/logstash -e 'filter {awesome {}}'
At this point any modifications to the plugin code will be applied to this local Logstash setup. After modifying the plugin, simply re-run Logstash.
Before build your Gemfile
, please make sure use JRuby. Here is how you can know your local Ruby version:
rvm list
Please make sure you current using JRuby. Here is how you can change to JRuby
rvm jruby
You can use the same 2.1 method to run your plugin in an installed Logstash by editing its Gemfile
and pointing the :path
to your local plugin development directory. You can also build the gem and install it using:
-
Build your plugin gem:
gem build logstash-filter-awesome.gemspec
-
Install the plugin from the Logstash home:
# Logstash 2.3 and higher bin/logstash-plugin install --no-verify # Prior to Logstash 2.3 bin/plugin install --no-verify
-
Start Logstash and test the plugin.
If you want to use old version of logstash-output-amazon_es, you can install with this:
bin/logstash-plugin install logstash-output-amazon_es -v 2.0.0
All contributions are welcome: ideas, patches, documentation, bug reports, and complaints.