Using Kafka as alternative to Filebeats and Logstash











up vote
2
down vote

favorite
1












I'm new to the ELK stack and I was just wondering whether if it is possible to ship our log files to Elasticsearch using Kafka. But I need the job of Logstash ( parsing logs using filters like grok ) to be done in Kafka as well. Is this entire thing possible? Basically what I'm trying to do is to replace the combination of Filebeats and Logstash with Kafka and I want to know whether if it is possible or not.



Thank you :)



Note: What I am trying to do is to Ship + Parse the logs in Kafka. I know that shipping logs to elasticsearch is possible using the Elasticsearch connector but what I'm asking is that whether Parsing data (Logstash's job) is possible with Kafka.






elasticsearch logging apache-kafka logstash filebeat







share|improve this question
























  • You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
    – alpert
    Jul 18 at 13:08










  • Possible duplicate of How to connect Kafka with Elasticsearch?
    – dawsaw
    Jul 18 at 20:49










  • That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
    – Dasun Pubudumal
    Jul 19 at 0:01















up vote
2
down vote

favorite
1












I'm new to the ELK stack and I was just wondering whether if it is possible to ship our log files to Elasticsearch using Kafka. But I need the job of Logstash ( parsing logs using filters like grok ) to be done in Kafka as well. Is this entire thing possible? Basically what I'm trying to do is to replace the combination of Filebeats and Logstash with Kafka and I want to know whether if it is possible or not.



Thank you :)



Note: What I am trying to do is to Ship + Parse the logs in Kafka. I know that shipping logs to elasticsearch is possible using the Elasticsearch connector but what I'm asking is that whether Parsing data (Logstash's job) is possible with Kafka.






elasticsearch logging apache-kafka logstash filebeat







share|improve this question
























  • You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
    – alpert
    Jul 18 at 13:08










  • Possible duplicate of How to connect Kafka with Elasticsearch?
    – dawsaw
    Jul 18 at 20:49










  • That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
    – Dasun Pubudumal
    Jul 19 at 0:01













up vote
2
down vote

favorite
1









up vote
2
down vote

favorite
1






1





I'm new to the ELK stack and I was just wondering whether if it is possible to ship our log files to Elasticsearch using Kafka. But I need the job of Logstash ( parsing logs using filters like grok ) to be done in Kafka as well. Is this entire thing possible? Basically what I'm trying to do is to replace the combination of Filebeats and Logstash with Kafka and I want to know whether if it is possible or not.



Thank you :)



Note: What I am trying to do is to Ship + Parse the logs in Kafka. I know that shipping logs to elasticsearch is possible using the Elasticsearch connector but what I'm asking is that whether Parsing data (Logstash's job) is possible with Kafka.






elasticsearch logging apache-kafka logstash filebeat







share|improve this question















I'm new to the ELK stack and I was just wondering whether if it is possible to ship our log files to Elasticsearch using Kafka. But I need the job of Logstash ( parsing logs using filters like grok ) to be done in Kafka as well. Is this entire thing possible? Basically what I'm trying to do is to replace the combination of Filebeats and Logstash with Kafka and I want to know whether if it is possible or not.



Thank you :)



Note: What I am trying to do is to Ship + Parse the logs in Kafka. I know that shipping logs to elasticsearch is possible using the Elasticsearch connector but what I'm asking is that whether Parsing data (Logstash's job) is possible with Kafka.






elasticsearch logging apache-kafka logstash filebeat




elasticsearch logging apache-kafka logstash filebeat






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jul 19 at 0:25

























asked Jul 18 at 12:15









Dasun Pubudumal

387




387












  • You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
    – alpert
    Jul 18 at 13:08










  • Possible duplicate of How to connect Kafka with Elasticsearch?
    – dawsaw
    Jul 18 at 20:49










  • That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
    – Dasun Pubudumal
    Jul 19 at 0:01


















  • You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
    – alpert
    Jul 18 at 13:08










  • Possible duplicate of How to connect Kafka with Elasticsearch?
    – dawsaw
    Jul 18 at 20:49










  • That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
    – Dasun Pubudumal
    Jul 19 at 0:01
















You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
– alpert
Jul 18 at 13:08




You can checkout that question: stackoverflow.com/questions/48561197/…. It seems it is possible using connect api and elasticsearch connector.
– alpert
Jul 18 at 13:08












Possible duplicate of How to connect Kafka with Elasticsearch?
– dawsaw
Jul 18 at 20:49




Possible duplicate of How to connect Kafka with Elasticsearch?
– dawsaw
Jul 18 at 20:49












That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
– Dasun Pubudumal
Jul 19 at 0:01




That particular question was asked on connecting Elasticsearch with Kafka after the logs are parsed by Logstash. What I am asking is whether if it is possible to get Logstash's and Filebeat's jobs (Shipping and Parsing data) via Kafka?
– Dasun Pubudumal
Jul 19 at 0:01












1 Answer
1






active

oldest

votes

















up vote
1
down vote



accepted










I'll break down your question in two:



1. Can events being streamed via kafka can be indexed in ElasticSearch



Yes, if you consider Confluent kafka-connect as part of Kafka. It's not kafka itself that does the indexing but a kafka-connect sink connector that will be configured to consume from your kafka topics and index the events in Elasticsearch.



You can find more information here: https://docs.confluent.io/current/connect/kafka-connect-elasticsearch/index.html



2. Can I achieve the same sort of parsing, transformation and flow control features of logstash directly in Kafka



The only Kafka ecosystem feature I'm aware that can help you do something like that is Kstreams (but you have to know how to develop using Kstreams API) or using another Confluent piece of software called KSQL that allows to do SQL Stream Processing on top of Kafka Topics which is more oriented to Analytics (i.e: Data filtering, transformations, aggregations, joins, windowing and sessionization)



You can find more information on KStreams here: https://kafka.apache.org/documentation/streams/



And you can find more information on KSQL here: https://docs.confluent.io/current/ksql/docs/index.html



Conclusion



In my opinion you wouldn't be able to achieve ALL sort of parsing and transformation capabilities of Logstash / NiFi without having to program with the Kafka Streams API, but you definetely can use kafka-connect to get data into kafka or out of kafka for a wide array of technologies just like Logstash does.



A nice illustration of such setup (taken from Confluent) would be:
enter image description here






share|improve this answer

















  • 1




    Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
    – Dasun Pubudumal
    Nov 21 at 3:27











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f51401795%2fusing-kafka-as-alternative-to-filebeats-and-logstash%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote



accepted










I'll break down your question in two:



1. Can events being streamed via kafka can be indexed in ElasticSearch



Yes, if you consider Confluent kafka-connect as part of Kafka. It's not kafka itself that does the indexing but a kafka-connect sink connector that will be configured to consume from your kafka topics and index the events in Elasticsearch.



You can find more information here: https://docs.confluent.io/current/connect/kafka-connect-elasticsearch/index.html



2. Can I achieve the same sort of parsing, transformation and flow control features of logstash directly in Kafka



The only Kafka ecosystem feature I'm aware that can help you do something like that is Kstreams (but you have to know how to develop using Kstreams API) or using another Confluent piece of software called KSQL that allows to do SQL Stream Processing on top of Kafka Topics which is more oriented to Analytics (i.e: Data filtering, transformations, aggregations, joins, windowing and sessionization)



You can find more information on KStreams here: https://kafka.apache.org/documentation/streams/



And you can find more information on KSQL here: https://docs.confluent.io/current/ksql/docs/index.html



Conclusion



In my opinion you wouldn't be able to achieve ALL sort of parsing and transformation capabilities of Logstash / NiFi without having to program with the Kafka Streams API, but you definetely can use kafka-connect to get data into kafka or out of kafka for a wide array of technologies just like Logstash does.



A nice illustration of such setup (taken from Confluent) would be:
enter image description here






share|improve this answer

















  • 1




    Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
    – Dasun Pubudumal
    Nov 21 at 3:27















up vote
1
down vote



accepted










I'll break down your question in two:



1. Can events being streamed via kafka can be indexed in ElasticSearch



Yes, if you consider Confluent kafka-connect as part of Kafka. It's not kafka itself that does the indexing but a kafka-connect sink connector that will be configured to consume from your kafka topics and index the events in Elasticsearch.



You can find more information here: https://docs.confluent.io/current/connect/kafka-connect-elasticsearch/index.html



2. Can I achieve the same sort of parsing, transformation and flow control features of logstash directly in Kafka



The only Kafka ecosystem feature I'm aware that can help you do something like that is Kstreams (but you have to know how to develop using Kstreams API) or using another Confluent piece of software called KSQL that allows to do SQL Stream Processing on top of Kafka Topics which is more oriented to Analytics (i.e: Data filtering, transformations, aggregations, joins, windowing and sessionization)



You can find more information on KStreams here: https://kafka.apache.org/documentation/streams/



And you can find more information on KSQL here: https://docs.confluent.io/current/ksql/docs/index.html



Conclusion



In my opinion you wouldn't be able to achieve ALL sort of parsing and transformation capabilities of Logstash / NiFi without having to program with the Kafka Streams API, but you definetely can use kafka-connect to get data into kafka or out of kafka for a wide array of technologies just like Logstash does.



A nice illustration of such setup (taken from Confluent) would be:
enter image description here






share|improve this answer

















  • 1




    Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
    – Dasun Pubudumal
    Nov 21 at 3:27













up vote
1
down vote



accepted







up vote
1
down vote



accepted






I'll break down your question in two:



1. Can events being streamed via kafka can be indexed in ElasticSearch



Yes, if you consider Confluent kafka-connect as part of Kafka. It's not kafka itself that does the indexing but a kafka-connect sink connector that will be configured to consume from your kafka topics and index the events in Elasticsearch.



You can find more information here: https://docs.confluent.io/current/connect/kafka-connect-elasticsearch/index.html



2. Can I achieve the same sort of parsing, transformation and flow control features of logstash directly in Kafka



The only Kafka ecosystem feature I'm aware that can help you do something like that is Kstreams (but you have to know how to develop using Kstreams API) or using another Confluent piece of software called KSQL that allows to do SQL Stream Processing on top of Kafka Topics which is more oriented to Analytics (i.e: Data filtering, transformations, aggregations, joins, windowing and sessionization)



You can find more information on KStreams here: https://kafka.apache.org/documentation/streams/



And you can find more information on KSQL here: https://docs.confluent.io/current/ksql/docs/index.html



Conclusion



In my opinion you wouldn't be able to achieve ALL sort of parsing and transformation capabilities of Logstash / NiFi without having to program with the Kafka Streams API, but you definetely can use kafka-connect to get data into kafka or out of kafka for a wide array of technologies just like Logstash does.



A nice illustration of such setup (taken from Confluent) would be:
enter image description here






share|improve this answer












I'll break down your question in two:



1. Can events being streamed via kafka can be indexed in ElasticSearch



Yes, if you consider Confluent kafka-connect as part of Kafka. It's not kafka itself that does the indexing but a kafka-connect sink connector that will be configured to consume from your kafka topics and index the events in Elasticsearch.



You can find more information here: https://docs.confluent.io/current/connect/kafka-connect-elasticsearch/index.html



2. Can I achieve the same sort of parsing, transformation and flow control features of logstash directly in Kafka



The only Kafka ecosystem feature I'm aware that can help you do something like that is Kstreams (but you have to know how to develop using Kstreams API) or using another Confluent piece of software called KSQL that allows to do SQL Stream Processing on top of Kafka Topics which is more oriented to Analytics (i.e: Data filtering, transformations, aggregations, joins, windowing and sessionization)



You can find more information on KStreams here: https://kafka.apache.org/documentation/streams/



And you can find more information on KSQL here: https://docs.confluent.io/current/ksql/docs/index.html



Conclusion



In my opinion you wouldn't be able to achieve ALL sort of parsing and transformation capabilities of Logstash / NiFi without having to program with the Kafka Streams API, but you definetely can use kafka-connect to get data into kafka or out of kafka for a wide array of technologies just like Logstash does.



A nice illustration of such setup (taken from Confluent) would be:
enter image description here







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 15 at 17:56









Alexandre Juma

505212




505212








  • 1




    Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
    – Dasun Pubudumal
    Nov 21 at 3:27














  • 1




    Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
    – Dasun Pubudumal
    Nov 21 at 3:27








1




1




Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
– Dasun Pubudumal
Nov 21 at 3:27




Wow! Thank you for the great explanation :) It is always wonderful to have these kinds of explanations in Stackoverflow posts.
– Dasun Pubudumal
Nov 21 at 3:27


















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f51401795%2fusing-kafka-as-alternative-to-filebeats-and-logstash%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to change which sound is reproduced for terminal bell?

Image
3 Recently upgrade to 18.10 from 18.04, and using the terminal is becoming annoying: the new alert sound is a drip ( /usr/share/sounds/gnome/default/alerts/drip.ogg ), and the previous one is still located at ( /usr/share/sounds/ubuntu/stereo/bell.ogg ). My issue is that at the gnome-terminal, when autocompleting or pressing left BOTH sounds are reproduced, at the same time. I want to just have ubuntu/stereo/bell.ogg active, not both . At the moment I have been only able to reduce the volume of the alerts (but still both are played), or turn the alerts down (but I dislike both "solutions"). gnome-terminal 18.10 teminal-bell share | improve this question
Read more

Can I use Tabulator js library in my java Spring + Thymeleaf project?

Image
0 I want to add Tabulator js to my java project. I added tabulator.min.js, tabulator.min.css to resources folder. After that added to my html page these dependencies as recommending in readme.md. <link rel="stylesheet" th:href="@{/css/tabulator.min.css}"> <script type="text/javascript" th:src="@{/js/tabulator.min.js}"></script> Now my tables view all elements, that I have in the html page, but not correct. In the documentation of Tabulator is example how to create header and table, var table = new Tabulator("#example-table", { columns:[ {title:"Name", field:"name", sorter:"string", width:200, editor:true}, {title:"Age", field:"age", sorter:"
Read more

Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents

Image
up vote 5 down vote favorite 2 I would like to make it so that the vertical space below the title of each chapter is the same when using the Bjornstrup package (i.e. so that the descenders do not affect the spacing - as shown by the red arrow in the picture below). I think I'm fairly happy with the spacing around "A chapter", so I'd really like titles without descenders (e.g. "Contents") to have the same vertical spacing as "A chapter" below the title. I would also like to remove the large "0" in the contents title. Any help appreciated, as always. documentclass[11pt,a4paper]{book} % Packages[![enter image description here][1]][1] usepackage[left=3.5cm, right=3.5cm, top=4.3cm, bottom=4.25cm]{geometry} usepackage[utf8]{inputenc} usepackage{libertine} usepackage[libertine]{newtx
Read more