Centralized Logging with Logstash

Hosted by Tampa JUG

Public group

This is a past event

46 people went


Centralized Logging is a solution from which any organization with software running on more than a single host can benefit. Researching incidents can be painful enough without having to manually grep through multiple logs strewn across your infrastructure. Searching across multiple logs on multiple hosts to analyze historical trends is impractical or impossible. Centralized Logging affords us the ability to search across logs from an entire distributed system quickly and in one place. It allows all the rich information from application and system logs to be analyzed for performance tuning, feature usage, or any number of interesting things that might be lurking in that data.

There are many solutions to implement centralized logging. From DIY to full commercial solutions. This presentation will focus on Logstash, an open-source data pipelining product written in JRuby. It is distributed and supported by Elastic (formerly Elasticsearch). We'll discuss Logstash, its architecture, and some of its capabilities. And we'll see a demo of it in action.

Bio: Matt Gregory is relatively new to Tampa (Aug 2014). He hails from Niceville, FL (Air Force brat - so far more complicated actually) and spent the last 16 years in Greenville, SC. He's been a developer for 18 years and has worked with Java technologies for the last 12. He's played roles ranging from junior developer through manager, primarily (and currently) serving as an architect. He's worked in industries ranging from utilities, to manufacturing, to healthcare. He works remotely for Benefitfocus, a cloud-based technology provider to insurance carriers, employers, and over 25 million consumers.