Mike Hillwig gets us started on Logstash:
Logstash is an incredibly powerful tool. If you can put data into a text file, Logstash can parse it. It works well with a lot of data, but I’m finding myself using it more to use it for event data. When I say event data, if it triggers a log event and it writes to a log, it’s an event. For the purposes of my demos, I’m using data from the Bureau of Transportation Statistics. They track flight performance data, which works perfectly for my uses. It’s a great example dataset without using anything related to my real job.
Logstash configuration files typically have three sections, INPUT, FILTER, and OUTPUT. However, FILTER is optional.
This is the first part in a series, so stay tuned.