Get a DemoStart Free TrialSign In

Logstash Rabbitmq App Configuration

Ship RabbitMQ application logs to logstash

Send Your DataLogsApplicationsLogstash Rabbitmq App Configuration Guide

Follow this step by step guide to get 'logs' from your system to Logit.io:

Step 1 - Install Filebeat

To get started first follow the steps below:

  • Install
  • Root access
  • Verify the required port is open

Older versions can be found here 7, 6, 5

Step 2 - Locate Configuration File

deb/rpm /etc/filebeat/filebeat.yml

Step 3 - Add RabbitMQ Log Location

Filebeat does not currently have a module to process the rabbitmq application logs.

Therefore we need to add the rabbitmq application log location to the filebeat inputs. Since rabbitmq uses a multi-line log format we will need to configure a seperate log section to handle it.

Add the following to the end of the log input example, before the filebeat.config.modules section.

- type: log
  enabled: true
  paths:
    - /var/log/rabbitmq/*.log
  fields:
    type: rabbitmq
  multiline.pattern: ^\=
  multiline.match: before

If you’re running Filebeat 8.1+ filebeat.inputs needs to be filestream instead of logs:

filebeat.inputs:

- type: filestream
  enabled: true
  paths:
    - /var/log/rabbitmq/*.log
  fields:
    type: rabbitmq
  multiline.pattern: ^\=
  multiline.match: before

Step 4 - Configure output

We'll be shipping to Logstash so that we have the option to run filters before the data is indexed.
Comment out the elasticsearch output block.

## Comment out elasticsearch output
#output.elasticsearch:
#  hosts: ["localhost:9200"]
No input available! Your stack is missing the required input for this data source Talk to support to add the input

Step 5 - Validate configuration

If you have issues starting in the next step, you can use these commands below to troubleshoot.

Let's check the configuration file is syntactically correct by running directly inside the terminal. If the file is invalid, will print an error loading config file error message with details on how to correct the problem.

deb/rpm

sudo  -e -c /etc//.yml

macOS

cd <EXTRACTED_ARCHIVE>
sudo ./ -e -c .yml

Windows

cd <EXTRACTED_ARCHIVE>
.\.exe -e -c .yml

Step 6 - Start filebeat

Start or restart to apply the configuration changes.

Step 7 - Check Logit.io for your logs

Now you should view your data:

View my data

If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Step 8 - how to diagnose no data in Stack

If you don't see data appearing in your Stack after following the steps, visit the Help Centre guide for steps to diagnose no data appearing in your Stack or Chat to support now.

Return to Search
Sign Up

© 2023 Logit.io Ltd, All rights reserved.