Should I use Elasticsearch for logging without Logstash?

I plan to use Elasticsearch to log all my applications (e.g. audit trail).

Given how I have direct control over the application, should I directly push data into Elasticsearch using their REST API, or should I somehow use Logstash to feed data into Elasticsearch?

Is there some reason I should use Logstash when I can directly insert data into Elasticsearch? This is an additional layer for management.

+4
1 answer

If you need to analyze different log formats (eventlog, syslog, etc.), support different transports (UDP, TCP, etc.), and log outputs, use Logstash. If HTTP is right for you and you only collect logs from one application, use ES directly. Logstash is an optional tool. Details here.

+5
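The direct-to-Elasticsearch option from the answer, as an added example that is not part of the original post: a Python `logging` handler that batches audit events into `_bulk` NDJSON requests. The URL, index prefix, document field names and the names `to_bulk_body`, `post_bulk` and `BulkAuditHandler` are assumptions made for illustration.

```python
import json
import logging
import urllib.request
from datetime import datetime, timezone

ES_URL = "http://localhost:9200"  # assumption: unauthenticated local test node
INDEX_PREFIX = "audit"            # assumption: daily indices, audit-YYYY.MM.DD

def to_bulk_body(records):
    """Render log records as an Elasticsearch _bulk NDJSON body."""
    out = []
    for rec in records:
        ts = datetime.fromtimestamp(rec.created, tz=timezone.utc)
        action = {"index": {"_index": f"{INDEX_PREFIX}-{ts:%Y.%m.%d}"}}
        doc = {"@timestamp": ts.isoformat(), "level": rec.levelname,
               "logger": rec.name, "message": rec.getMessage()}
        # _bulk needs an action line, then the document, each newline-terminated
        out.append(json.dumps(action) + "\n" + json.dumps(doc) + "\n")
    return "".join(out)

def post_bulk(body):
    """POST one batch to the _bulk endpoint; raises OSError on failure."""
    req = urllib.request.Request(f"{ES_URL}/_bulk", data=body.encode(),
                                 headers={"Content-Type": "application/x-ndjson"})
    urllib.request.urlopen(req, timeout=5).close()

class BulkAuditHandler(logging.Handler):
    """Buffers records and ships each full batch in a single _bulk request."""
    def __init__(self, batch_size=100, send=post_bulk):
        super().__init__()
        self.batch_size, self.send, self.buffer = batch_size, send, []

    def emit(self, record):
        self.buffer.append(record)
        if len(self.buffer) >= self.batch_size:
            self.flush()

    def flush(self):
        if not self.buffer:
            return
        batch, self.buffer = self.buffer, []
        try:
            self.send(to_bulk_body(batch))
        except OSError:
            self.buffer = batch + self.buffer  # keep audit events for a retry
```

A `_bulk` reply can return HTTP 200 while flagging individual items in its `errors` field, so production code should inspect the response body. The retry buffer here is unbounded and would need a cap or a disk spool for a long outage.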

Source: https://habr.com/ru/post/1678840/

