You're viewing version 1.1 of the OpenSearch documentation. This version is no longer maintained. For the latest version, see the current documentation. For information about OpenSearch version maintenance, see Release Schedule and Maintenance Policy.
Ship events to OpenSearch
You can Ship Logstash events to an OpenSearch cluster and then visualize your events with OpenSearch Dashboards.
Make sure you have Logstash, OpenSearch, and OpenSearch Dashboards.
OpenSearch output plugin
To run the OpenSearch output plugin, add the following configuration in your pipeline.conf
file:
output {
opensearch {
hosts => "https://localhost:9200"
user => "admin"
password => "admin"
index => "logstash-logs-%{+YYYY.MM.dd}"
ssl_certificate_verification => false
}
}
Sample walkthrough
-
Open the
config/pipeline.conf
file and add in the following configuration:input { stdin { codec => json } } output { opensearch { hosts => "https://localhost:9200" user => "admin" password => "admin" index => "logstash-logs-%{+YYYY.MM.dd}" ssl_certificate_verification => false } }
This Logstash pipeline accepts JSON input through the terminal and ships the events to an OpenSearch cluster running locally. Logstash writes the events to an index with the
logstash-logs-%{+YYYY.MM.dd}
naming convention. -
Start Logstash:
$ bin/logstash -f config/pipeline.conf --config.reload.automatic
config/pipeline.conf
is a relative path to thepipeline.conf
file. You can use an absolute path as well. -
Add a JSON object in the terminal:
{ "amount": 10, "quantity": 2}
-
Start OpenSearch Dashboards and choose Dev Tools:
GET _cat/indices?v health | status | index | uuid | pri | rep | docs.count | docs.deleted | store.size | pri.store.size green | open | logstash-logs-2021.07.01 | iuh648LYSnmQrkGf70pplA | 1 | 1 | 1 | 0 | 10.3kb | 5.1kb