PricingSign inRequest a Demo

Logstash

Supported Platforms

Platform
Metrics
Logs
Traces

Linux

Windows

macOS

Directions & Caveats

For clear directions on use, and the caveats on how to configure Logstash, see: Using Logstash with Bindplane

Configuration Table

Parameter
Type
Default
Description

listen_port*

int

2255

Port to listen on.

listen_ip

string

"0.0.0.0"

IP Address to listen on.

log_type

string

logstash

Arbitrary for attribute 'log_type'. Useful for filtering between many logstash sources.

parse_format

enum

none

Method to use when parsing. Valid values are none, json, and regex. When regex is selected, 'Regex Pattern' must be set.

regex_pattern

string

The regex pattern used when parsing log entries.

multiline_line_start_pattern

string

Regex pattern that matches the beginning of a log entry, for handling multiline logs.

multiline_line_end_pattern

string

Regex pattern that matches the end of a log entry, useful for terminating parsing of multiline logs.

parse_timestamp

bool

false

Whether to parse the timestamp from the log entry.

timestamp_field

string

timestamp

The field containing the timestamp in the log entry.

parse_timestamp_format

enum

ISO8601

The format of the timestamp in the log entry. Choose a common format, or specify a custom format. Options include "ISO8601", "RFC3339", "Epoch", and "Manual".

epoch_timestamp_format

enum

s

The layout of the epoch-based timestamp. Required when parse_timestamp_format is set to "Epoch".. Options include "s", "ms", "us", "ns", "s.ms", "s.us", "s.ns".

manual_timestamp_format

string

'%Y-%m-%dT%H:%M:%S.%f%z'

The strptime layout of the timestamp. Used when parse_timestamp_format is set to "Manual".

timezone

timezone

UTC

The timezone to use if the Timestamp Format doesn't include a timezone. Otherwise, the timezone in the Timestamp Format will be respected. NOTE: This is also required to parse timezone abbreviations, due to their ambiguity.

parse_severity

bool

false

Whether to parse severity from the log entry.

severity_field

string

severity

The field containing the severity in the log entry.

parse_to

string

body

The field that the log will be parsed to. Some exporters handle logs favorably when parsed to attributes over body and vice versa.

preserve_original

bool

false

When this option is set to true, the original event will be preserved under the attributes

enable_tls

bool

false

Whether or not to use TLS.

tls_certificate_path

string

Path to the TLS cert to use for TLS-required connections.

tls_private_key_path

string

Path to the TLS key to use for TLS-required connections.

tls_min_version

enum

"1.2"

The minimum TLS version to support. 1.0 and 1.1 should not be considered secure. Valid values include: 1.3, 1.2, 1.1, 1.0.

*required field

PreviousKubernetes Prometheus NodeNextmacOS

Last updated

Was this helpful?