Logstash Source

이 제품은 선택한 Datadog 사이트에서 지원되지 않습니다. ().
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.
이용 가능:

Logs

Use Observability Pipelines’ Logstash source to receive logs from your Logstash agent. Select and set up this source when you set up a pipeline.

You can also use the Logstash source to send logs to Observability Pipelines using Filebeat.

Prerequisites

To use Observability Pipelines’ Logstash source, you need the following information available:

  • Logstash address, such as 0.0.0.0:8088. The Observability Pipelines Worker listens on this bind address to receive logs from your applications. Later on, you configure your applications to send logs to this address.
  • The appropriate TLS certificates and the password you used to create your private key, if your forwarders are globally configured to enable SSL.

Set up the source in the pipeline UI

Select and set up this source when you set up a pipeline. The information below is for the source settings in the pipeline UI.

Only enter the identifiers for the Logstash address and, if applicable, the TLS key pass. Do not enter the actual values.
  • Enter the identifier for your Logstash address. If you leave it blank, the default is used.

Optional settings

Toggle the switch to Enable TLS. If you enable TLS, the following certificate and key files are required.
Note: All file paths are made relative to the configuration data directory, which is /var/lib/observability-pipelines-worker/config/ by default. See Advanced Worker Configurations for more information. The file must be owned by the observability-pipelines-worker group and observability-pipelines-worker user, or at least readable by the group or user.

  • Enter the identifier for your Logstash key pass. If you leave it blank, the default is used.
  • Server Certificate Path: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509).
  • CA Certificate Path: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509).
  • Private Key Path: The path to the .key private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format.

Set secrets

These are the defaults used for secret identifiers and environment variables.

Note: If you enter identifiers for your secrets and then choose to use environment variables, the environment variable is the identifier entered and prepended with DD_OP. For example, if you entered PASSWORD_1 for a password identifier, the environment variable for that password is DD_OP_PASSWORD_1.

    • Logstash address identifier:
      • References the address on which the Observability Pipelines Worker listens for incoming log messages.
      • The default identifier is SOURCE_LOGSTASH_ADDRESS.
    • Logstash TLS passphrase identifier (when TLS is enabled):
      • The default identifier is SOURCE_LOGSTASH_KEY_PASS.
    • Logstash address and port:
      • The Observability Pipelines Worker listens on this address, such as 0.0.0.0:9997, for incoming log messages.
      • The default environment variable is DD_OP_SOURCE_LOGSTASH_ADDRESS
    • Logstash TLS passphrase:
      • The default environment variable is DD_OP_SOURCE_LOGSTASH_KEY_PASS.

    Send logs to the Observability Pipelines Worker over Logstash

    To configure Logstash to send logs to the Observability Pipelines Worker, use the following output configuration:

    output {
  http {
    url => "http://127.0.0.1:9997"
    http_method => "post"
    format => "json"
  }
}

    Note: Logstash requires SSL to be configured.