The Logstash Collector (logstashCollector-1.0 and logstashCollector-1.1) feature in WebSphere Liberty collects message events, trace events, garbage collection events, FFDC, and access log events from your servers and sends them to a remote Logstash server. Elasticsearch, Logstash, and Kibana (known as the ELK stack) are commonly used together for searching and analyzing log events. If you have multiple Liberty servers to manage, Logstash Collector is great for sending log records and events to an ELK stack. You can then use Kibana to create queries, visualizations, and dashboards quickly.

It has been a while since we tested the Logstash Collector feature with Logstash V2.x, Elasticsearch V2.x, and Kibana V4.x. Elastic released Logstash V5, Elasticsearch V5, and Kibana V5 towards the end of 2016. Elasticsearch V5 introduced some breaking changes. String fields are replaced by text and keyword fields. _ttl fields are removed. We’ve created a new set of sample files for ELK V5. You can find the sample configuration files and dashboards in our GitHub repo. See the README for the location of the new sample files.

Let us know if you have any questions or comments. You can post your questions at dW Answers.

2 comments on"Logstash Collector now supports Logstash, Elasticsearch and Kibana version 5"

  1. Felix Wong May 31, 2017

    Hello Hågen,

    logstashCollector currently supports Lumberjack only. Do you have any requirements for Liberty to support other protocols? Please let us know by opening a RFE at https://www.ibm.com/developerworks/rfe/execute?use_case=changeRequestLanding&BRAND_ID=181&PROD_ID=544&x=13&y=8

    Thank you!

  2. Any plans to move away from the Lumberjack protocol?

Join The Discussion

Your email address will not be published. Required fields are marked *