Loggly output plugin v6.0.0

edit
  • Plugin version: v6.0.0
  • Released on: 2018-07-03
  • Changelog

For other versions, see the overview list.

To learn more about Logstash, see the Logstash Reference.

Getting help

edit

For questions about the plugin, open a topic in the Discuss forums. For bugs or feature requests, open an issue in Github. For the list of Elastic supported plugins, please consult the Elastic Support Matrix.

Description

edit

Got a loggly account? Use logstash to ship logs to Loggly!

This is most useful so you can use logstash to parse and structure your logs and ship structured, json events to your account at Loggly.

To use this, you’ll need to use a Loggly input with type http and json logging enabled.

Loggly Output Configuration Options

edit

This plugin supports the following configuration options plus the Common options described later.

Also see Common options for a list of options supported by all output plugins.

 

can_retry

edit
  • Value type is boolean
  • Default value is true

Can Retry. Setting this value true helps user to send multiple retry attempts if the first request fails

convert_timestamp

edit
  • Value type is boolean
  • Default value is true

The plugin renames Logstash’s @timestamp field to timestamp before sending, so that Loggly recognizes it automatically.

This will do nothing if your event doesn’t have a @timestamp field or if your event already has a timestamp field.

Note that the actual Logstash event is not modified by the output. This modification only happens on a copy of the event, prior to sending.

host

edit
  • Value type is string
  • Default value is "logs-01.loggly.com"

The hostname to send logs to. This should target the loggly http input server which is usually "logs-01.loggly.com" (Gen2 account). See the Loggly HTTP endpoint documentation.

key

edit
  • This is a required setting.
  • Value type is string
  • There is no default value for this setting.

The loggly http customer token to use for sending. You can find yours in "Source Setup", under "Customer Tokens".

You can use %{foo} field lookups here if you need to pull the api key from the event. This is mainly aimed at multitenant hosting providers who want to offer shipping a customer’s logs to that customer’s loggly account.

max_event_size

edit
  • This is a required setting.
  • Value type is bytes
  • Default value is 1 Mib

The Loggly API supports event size up to 1 Mib.

You should only need to change this setting if the API limits have changed and you need to override the plugin’s behaviour.

See the Loggly bulk API documentation

max_payload_size

edit
  • This is a required setting.
  • Value type is bytes
  • Default value is 5 Mib

The Loggly API supports API call payloads up to 5 Mib.

You should only need to change this setting if the API limits have changed and you need to override the plugin’s behaviour.

See the Loggly bulk API documentation

proto

edit
  • Value type is string
  • Default value is "http"

Should the log action be sent over https instead of plain http

proxy_host

edit
  • Value type is string
  • There is no default value for this setting.

Proxy Host

proxy_password

edit
  • Value type is password
  • Default value is ""

Proxy Password

proxy_port

edit
  • Value type is number
  • There is no default value for this setting.

Proxy Port

proxy_user

edit
  • Value type is string
  • There is no default value for this setting.

Proxy Username

retry_count

edit
  • Value type is number
  • Default value is 5

Retry count. It may be possible that the request may timeout due to slow Internet connection if such condition appears, retry_count helps in retrying request for multiple times It will try to submit request until retry_count and then halt

tag

edit

Loggly Tags help you to find your logs in the Loggly dashboard easily. You can search for a tag in Loggly, using "tag:your_tag".

If you need to specify multiple tags here on your events, specify them as outlined in the tag documentation. E.g. "tag" => "foo,bar,myApp".

You can also use "tag" => "%{somefield},%{another_field}" to take your tag values from somefield and another_field on your event. If the field doesn’t exist, no tag will be created. Helpful for leveraging Loggly source groups.

Common options

edit

These configuration options are supported by all output plugins:

Setting Input type Required

codec

codec

No

enable_metric

boolean

No

id

string

No

codec

edit
  • Value type is codec
  • Default value is "plain"

The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output without needing a separate filter in your Logstash pipeline.

enable_metric

edit
  • Value type is boolean
  • Default value is true

Disable or enable metric logging for this specific plugin instance. By default we record all the metrics we can, but you can disable metrics collection for a specific plugin.

  • Value type is string
  • There is no default value for this setting.

Add a unique ID to the plugin configuration. If no ID is specified, Logstash will generate one. It is strongly recommended to set this ID in your configuration. This is particularly useful when you have two or more plugins of the same type. For example, if you have 2 loggly outputs. Adding a named ID in this case will help in monitoring Logstash when using the monitoring APIs.

output {
  loggly {
    id => "my_plugin_id"
  }
}