Start your 14-day free trial today & Get 20% Off All Annual Managed ELK Plans

No Credit Card Required

Try Logit.io Free

Already have an account? Sign In

backBack To Search
Send data via ActiveMQ to your Logstash instance provided by Logit.io

ActiveMQ

Collect and Ship ActiveMQ application logs to Logstash and Elasticsearch

Filebeat is a lightweight shipper that enables you to send your ActiveMQ application logs to Logstash and Elasticsearch. Configure Filebeat using the pre-defined examples below to start sending and analysing your ActiveMQ application logs.

Step 1 - Install FilebeatCopy

deb (Debian/Ubuntu/Mint)

curl -L -O https://artifacts.elastic.co/downloads/beats//-oss-7.15.1-amd64.deb
sudo dpkg -i -oss-7.15.1-amd64.deb

rpm (CentOS/RHEL/Fedora)

curl -L -O https://artifacts.elastic.co/downloads/beats//-oss-7.15.1-x86_64.rpm
sudo rpm -vi -oss-7.15.1-x86_64.rpm

macOS

curl -L -O https://artifacts.elastic.co/downloads/beats//-oss-7.15.1-darwin-x86_64.tar.gz
tar xzvf -oss-7.15.1-darwin-x86_64.tar.gz

Windows

  • Download the Windows zip file from the official downloads page.
  • Extract the contents of the zip file into C:\Program Files.
  • Rename the -<version>-windows directory to ``.
  • Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select Run As Administrator). If you are running Windows XP, you may need to download and install PowerShell.
  • Run the following commands to install as a Windows service:
cd 'C:\Program Files\'
.\install-service-.ps1
If script execution is disabled on your system, you need to set the execution policy for the current session to allow the script to run. For example: PowerShell.exe -ExecutionPolicy UnRestricted -File .\install-service-.ps1.
My OS isn't here! Don't see your system? Check out the official downloads page for more options (including 32-bit versions).

Step 2 - Locate Configuration FileCopy

deb/rpm /etc/filebeat/filebeat.yml

Step 3 - Add ActiveMQ Log LocationCopy

Filebeat does not currently have a module to process the ActiveMQ application logs.

Therefore we need to add the ActiveMQ application log location to the filebeat inputs.

Add the following to the end of the log input example, before the filebeat.config.modules section.

- type: log
  enabled: true
  paths:
    - /path/to/log/activemq/data/activemq.log*
  fields:
    type: activemq
  multiline.pattern: ^\=
  multiline.match: before

Step 4 - Enable the inputCopy

We need to ensure that any inputs we are using are enabled

filebeat.inputs:

- type: log
  enabled: false

Enable the filebeat input, so it should look like the following

filebeat.inputs:

- type: log
  enabled: true

Step 5 - Configure OutputCopy

We will be shipping to Logstash so that we have the option to run filters before the data is indexed.

Comment out the elasticsearch output block.

## Comment out elasticsearch output
#output.elasticsearch:
#  hosts: ["localhost:9200"]
No input available! Your stack is missing the required input for this data source Talk to support to add the input

Step 6 - Validate ConfigurationCopy

Let's check the configuration file is syntactically correct.

deb/rpm

filebeat -e -c /etc/filebeat/filebeat.yml

Step 7 - Start FilebeatCopy

Ok, time to start ingesting data!

deb/rpm

sudo systemctl enable filebeat
sudo systemctl start filebeat

Step 8 - how to diagnose no data in StackCopy

If you don't see data appearing in your Stack after following the steps, visit the Help Centre guide for steps to diagnose no data appearing in your Stack or Chat to support now.

Toggle View

Expand View

Return to Search

© 2022 Logit.io Ltd, All rights reserved.