This is simple log analyzer based on the ELK stack. Just put your log file here, set-up the GROK patterns and run docker-compose.
- Copy your log file into
datafolder asaccess.log(you can use different name, but you must correctly set it in thelogstash_cache_log_pipeline.conffile) - Correctly set the GROK pattern in the
logstash_cache_log_pipeline.conffile in the filters section. Good way is to take few messages from your log and try it in Heroku Debugger. If you need to see the messages produced by Logstash, uncomment output to stdout. - Run
docker-compose up -dto start up the machinery - Navigate yourself to Kibana running here: http://localhost:5601
- In Kibana add the index pattern:
- Go to Management
- Click Index Patterns
- Fill in
logstash-* - Select
@timestampas Time Filter field - Click Create Index Pattern
- Go to Discover, select Time Range appropriate to your data and watch how messages from your log file are being indexed.