node-red-contrib-logstash 0.0.3
A set of Node-RED nodes for Logstash
npm install node-red-contrib-logstash
Node-RED Logstash nodes
This project aims at providing a set of Node-RED nodes for modeling and executing any Logstash pipelines.
Context
The Node-RED project provides a nice browser-based visual editor for wiring the Internet of Things.
This project makes the assumption that if you can wire IoT devices, you can wire anything. So, the initial idea is to use the excellent environment offered by the Node-RED platform in order to visually model Logstash pipelines as Node-RED flows. This project thus aims at providing all Logstash components (i.e. inputs, outputs and filters) in the form of additional Node-RED nodes that anyone can then easily assemble into her own Logstash pipeline instead of having to write the configuration file manually.
Using these new nodes and existing ones, one will not only be empowered to model her Logstash pipelines in a neat visual environment, but such pipelines can also be executed inside the Node-RED runtime.
Visual modeling and real-time execution of Logstash pipelines are nice, but there's more. Once the pipeline executes according to your expectations, you can generate and export the corresponding Logstash configuration file in order to use it on the Logstash command-line.
Another neat feature that this project is going to support is the ability to parse any existing Logstash configuration and automatically create the corresponding Node-RED flow, which can then be further re-arranged, improved, modified and re-exported. Yes, round-trip Logstash engineering!
Finally, since the Node-RED ecosystem also allows contributors to share their flows in the open Node-RED library for others to reuse, this basically opens the door to sharing your Logstash pipelines with others.
To sum up, this project can be seen as some sort of missing Visual IDE for Logstash, which allows you to:
- visually model a full-blown Logstash pipeline by dragging and dropping input/filter/output nodes and wiring them together as Node-RED flows
- generate the equivalent Logstash configuration you'd have written by hand otherwise
- share Logstash pipelines (aka Node-RED flows) with the community and your peers
- execute the Logstash pipeline in real-time inside the Node-RED runtime (in progress)
- reverse-engineer existing Logstash pipelines into Node-RED flows (in progress)
Installation
First, follow the steps to install the Node-RED environment. By default, Node-RED gets installed into your home directory in
.node-red
.> cd ~/.node-red
Install this package via
npm
:> npm install node-red-contrib-logstash
Fire up Node-RED:
> node-red
Open your browser at http://localhost:1880
How to use
1. Drag & drop
Once Node-RED is started, you'll find all the Logstash nodes in the left sidebar, called the palette.
You can drag and drop them into the workspace and visually compose your pipeline (aka Node-RED flow).
2. Configure node settings
The official settings for the file
input plugin are shown on the figure below (taken from the
official documentation):
Once you add a node into the workspace, you can configure its settings by double clicking on the node in order to
open a configuration dialog, such as the one shown below for the file
input node.
As you can see, all the settings for the file
input node can be input into text fields or selected from dropdown lists
which are automatically populated by the supported values defined in the respective Logstash plugin.
Similarly, placeholder values show the default settings as configured in the respective Logstash plugin.
3. Generate Logstash configuration
The very simple pipeline wired in step 1 above basically corresponds to the following Logstash configuration, which has been automatically generated from the above pipeline/flow:
input {
# Tail test.log
file {
codec => "json"
path => "/home/me/test.log"
type => "test"
add_field => { "[@metadata][test]" => "Hello1" }
}
# Tail test2.log
file {
codec => "json"
path => "/home/me/test2.log"
type => "test2"
add_field => { "[@metadata][test]" => "Hello2" }
}
}
filter {
if [type] == "test" {
# Lowercase first name
mutate {
lowercase => "first_name"
}
}
if [type] == "test2" {
# Lowercase last name
mutate {
lowercase => "last_name"
}
}
}
output {
# Out
stdout {
codec => "rubydebug"
}
}
And now the limit is the sky!
Future
The ultimate objective of this project is to migrate this visual Logstash editor environment as a Kibana plugin.
Categories
Actions
Downloads
Nodes
-
ls-flt-age
-
ls-flt-aggregate
-
ls-flt-alter
-
ls-flt-anonymize
-
ls-flt-bytesize
-
ls-flt-checksum
-
ls-flt-cidr
-
ls-flt-cipher
-
ls-flt-clone
-
ls-flt-cloudfoundry
-
ls-flt-collate
-
ls-flt-csv
-
ls-flt-date
-
ls-flt-de_dot
-
ls-flt-debug
-
ls-flt-dissect
-
ls-flt-dns
-
ls-flt-drop
-
ls-flt-elapsed
-
ls-flt-elasticsearch
-
ls-flt-emoji
-
ls-flt-environment
-
ls-flt-example
-
ls-flt-extractnumbers
-
ls-flt-fingerprint
-
ls-flt-geoip
-
ls-flt-grok
-
ls-flt-hashid
-
ls-flt-i18n
-
ls-flt-jdbc_static
-
ls-flt-jdbc_streaming
-
ls-flt-json
-
ls-flt-json_encode
-
ls-flt-kubernetes_metadata
-
ls-flt-kv
-
ls-flt-language
-
ls-flt-lookup
-
ls-flt-math
-
ls-flt-metaevent
-
ls-flt-metricize
-
ls-flt-metrics
-
ls-flt-multiline
-
ls-flt-mutate
-
ls-flt-oui
-
ls-flt-prune
-
ls-flt-punct
-
ls-flt-range
-
ls-flt-ruby
-
ls-flt-sleep
-
ls-flt-split
-
ls-flt-syslog_pri
-
ls-flt-throttle
-
ls-flt-tld
-
ls-flt-translate
-
ls-flt-truncate
-
ls-flt-unique
-
ls-flt-urldecode
-
ls-flt-useragent
-
ls-flt-uuid
-
ls-flt-xml
-
ls-flt-yaml
-
ls-flt-zeromq
-
ls-in-beats
-
ls-in-cloudwatch
-
ls-in-couchdb_changes
-
ls-in-dead_letter_queue
-
ls-in-drupal_dblog
-
ls-in-dynamodb
-
ls-in-elasticsearch
-
ls-in-eventlog
-
ls-in-example
-
ls-in-exec
-
ls-in-file
-
ls-in-fluentd
-
ls-in-ganglia
-
ls-in-gelf
-
ls-in-gemfire
-
ls-in-generator
-
ls-in-github
-
ls-in-google_pubsub
-
ls-in-googleanalytics
-
ls-in-graphite
-
ls-in-heartbeat
-
ls-in-heroku
-
ls-in-http
-
ls-in-http_poller
-
ls-in-imap
-
ls-in-irc
-
ls-in-jdbc
-
ls-in-jms
-
ls-in-jmx
-
ls-in-journald
-
ls-in-kafka
-
ls-in-kinesis
-
ls-in-log4j
-
ls-in-log4j2
-
ls-in-lumberjack
-
ls-in-meetup
-
ls-in-mongodb
-
ls-in-neo4j
-
ls-in-netflow
-
ls-in-perfmon
-
ls-in-pipe
-
ls-in-puppet_facter
-
ls-in-rabbitmq
-
ls-in-rackspace
-
ls-in-redis
-
ls-in-relp
-
ls-in-rss
-
ls-in-s3
-
ls-in-salesforce
-
ls-in-snmptrap
-
ls-in-sqlite
-
ls-in-sqs
-
ls-in-stdin
-
ls-in-stomp
-
ls-in-syslog
-
ls-in-tcp
-
ls-in-twitter
-
ls-in-udp
-
ls-in-unix
-
ls-in-varnishlog
-
ls-in-websocket
-
ls-in-wmi
-
ls-in-xmpp
-
ls-in-zenoss
-
ls-in-zeromq
-
ls-out-beats
-
ls-out-boundary
-
ls-out-circonus
-
ls-out-cloudwatch
-
ls-out-csv
-
ls-out-datadog
-
ls-out-datadog_metrics
-
ls-out-elasticsearch
-
ls-out-elasticsearch_java
-
ls-out-email
-
ls-out-example
-
ls-out-exec
-
ls-out-file
-
ls-out-firehose
-
ls-out-ganglia
-
ls-out-gelf
-
ls-out-gemfire
-
ls-out-google_bigquery
-
ls-out-google_cloud_storage
-
ls-out-graphite
-
ls-out-graphtastic
-
ls-out-hipchat
-
ls-out-http
-
ls-out-influxdb
-
ls-out-irc
-
ls-out-jira
-
ls-out-jms
-
ls-out-juggernaut
-
ls-out-kafka
-
ls-out-librato
-
ls-out-logentries
-
ls-out-loggly
-
ls-out-lumberjack
-
ls-out-metriccatcher
-
ls-out-monasca_log_api
-
ls-out-mongodb
-
ls-out-nagios
-
ls-out-nagios_nsca
-
ls-out-neo4j
-
ls-out-newrelic
-
ls-out-null
-
ls-out-opentsdb
-
ls-out-pagerduty
-
ls-out-pipe
-
ls-out-rabbitmq
-
ls-out-rackspace
-
ls-out-rados
-
ls-out-redis
-
ls-out-redmine
-
ls-out-riak
-
ls-out-riemann
-
ls-out-s3
-
ls-out-slack
-
ls-out-sns
-
ls-out-solr_http
-
ls-out-sqs
-
ls-out-statsd
-
ls-out-stdout
-
ls-out-stomp
-
ls-out-syslog
-
ls-out-tcp
-
ls-out-udp
-
ls-out-webhdfs
-
ls-out-websocket
-
ls-out-xmpp
-
ls-out-zabbix
-
ls-out-zeromq
-
ls-out-zookeeper
Keywords
- node-red
- logstash
- nodered
- elk
- elastic
- elasticsearch