The Logstash Collector (
logstashCollector-1.1) feature in WebSphere Liberty collects message events, trace events, garbage collection events, FFDC, and access log events from your servers and sends them to a remote Logstash server. Elasticsearch, Logstash, and Kibana (known as the ELK stack) are commonly used together for searching and analyzing log events. If you have multiple Liberty servers to manage, Logstash Collector is great for sending log records and events to an ELK stack. You can then use Kibana to create queries, visualizations, and dashboards quickly.
It has been a while since we tested the Logstash Collector feature with Logstash V2.x, Elasticsearch V2.x, and Kibana V4.x. Elastic released Logstash V5, Elasticsearch V5, and Kibana V5 towards the end of 2016. Elasticsearch V5 introduced some breaking changes. String fields are replaced by text and keyword fields.
_ttl fields are removed. We’ve created a new set of sample files for ELK V5. You can find the sample configuration files and dashboards in our GitHub repo. See the README for the location of the new sample files.
Let us know if you have any questions or comments. You can post your questions at dW Answers.