# Logstash ### Supported Platforms | Platform | Metrics | Logs | Traces | | -------- | ------- | ---- | ------ | | Linux | | ✓ | | | Windows | | ✓ | | | macOS | | ✓ | | ### Directions & Caveats For clear directions on use, and the caveats on how to configure Logstash, see: [Using Logstash with Bindplane](/how-to-guides/cloud-and-platform-integrations/using-logstash-with-bindplane.md) ### Configuration Table

Parameter	Type	Default	Description
listen_port*	`int`	2255	Port to listen on.
listen_ip	`string`	"0.0.0.0"	IP Address to listen on.
log_type	`string`	logstash	Arbitrary for attribute 'log_type'. Useful for filtering between many logstash sources.
parse_format	`enum`	none	Method to use when parsing. Valid values are `none`, `json`, and `regex`. When regex is selected, 'Regex Pattern' must be set.
regex_pattern	`string`		The regex pattern used when parsing log entries.
multiline_line_start_pattern	`string`		Regex pattern that matches the beginning of a log entry, for handling multiline logs.
multiline_line_end_pattern	`string`		Regex pattern that matches the end of a log entry, useful for terminating parsing of multiline logs.
parse_timestamp	`bool`	false	Whether to parse the timestamp from the log entry.
timestamp_field	`string`	timestamp	The field containing the timestamp in the log entry.
parse_timestamp_format	`enum`	ISO8601	The format of the timestamp in the log entry. Choose a common format, or specify a custom format. Options include "ISO8601", "RFC3339", "Epoch", and "Manual".
epoch_timestamp_format	`enum`	s	The layout of the epoch-based timestamp. Required when parse_timestamp_format is set to "Epoch".. Options include "s", "ms", "us", "ns", "s.ms", "s.us", "s.ns".
manual_timestamp_format	`string`	'%Y-%m-%dT%H:%M:%S.%f%z'	The strptime layout of the timestamp. Used when parse_timestamp_format is set to "Manual".
timezone	`timezone`	UTC	The timezone to use if the Timestamp Format doesn't include a timezone. Otherwise, the timezone in the Timestamp Format will be respected. NOTE: This is also required to parse timezone abbreviations, due to their ambiguity.
parse_severity	`bool`	false	Whether to parse severity from the log entry.
severity_field	`string`	severity	The field containing the severity in the log entry.
parse_to	`string`	body	The field that the log will be parsed to. Some exporters handle logs favorably when parsed to `attributes` over `body` and vice versa.
preserve_original	`bool`	false	When this option is set to true, the original event will be preserved under the attributes
enable_tls	`bool`	false	Whether or not to use TLS.
tls_certificate_path	`string`		Path to the TLS cert to use for TLS-required connections.
tls_private_key_path	`string`		Path to the TLS key to use for TLS-required connections.
tls_min_version	`enum`	"1.2"	The minimum TLS version to support. 1.0 and 1.1 should not be considered secure. Valid values include: `1.3`, `1.2`, `1.1`, `1.0`.

\**required field* --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bindplane.com/integrations/sources/logstash.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.