how to monitor logs of multiple machines using logstash

Discussion in 'Install Logstash and Kibana on a Windows server.' started by Vi Pham, Aug 2, 2016.

  1. Vi Pham

    Vi Pham

    As your guide, the logstash only monitor one Windows machine set up ELK, is it correct? I have a range of machines need to be monitored log files. How I set up Logstash to put all log files of all machines to one server installed ELK and view all log to Kibana?
  2. sbagmeijer

    sbagmeijer

    Your Logstash runs on a port so all you have to do is make sure your firewall allows that port for the servers you want to sent logs from.
    then on all the other windows servers you only have to install a shipper (filebeat, nxlog, etc) and the config file of your shipper you point to your logstash server ip and port.
  3. Vi Pham

    Vi Pham

    Thanks for quick reply. Your guide is very helpful to me. After following your tutorial, I cannot launch Kibana by using site name. '504 DNS look up failed' is introduced. My server is joined workgroup not any domain. But I can launch Kibana by using My intend to set up ELK server be able to access on any machine using sitename. such that all my members can trace their logs when they look at Kibana launch on they browser.
    Do you have any ideas on above error 504? If so please give me some trick as I am not familiar with web service.
  4. sbagmeijer

    sbagmeijer

    you could test it by adding to your hosts file: www.example.com

    For me it works fine as long as you make sure to update your IIS to use the domain name.
    I have never really connected directly to Kibana with a domain as this is not really the recommended way.

