How can I integrate Tomcat6's catalina.out file with Logstash + ElasticSearch + Kibana?

Question

I want to have a centralized logging server.

I have created two Ubuntu 12.04 LTS servers based on this iso.

After successfully and strictly following this tutorial steps, I have:

1. One Logging Server with Logstash + ElasticSearch + Kibana.
2. And one Application Server with a Logstash-Forwarder, Tomcat 6 and another app, which logs are being registered in the catalina.out file.

My question is:

• What 'for-dummies' steps should I follow now in order to send catalina.out logs from the App Server to the Logging Server in such a way that those logs are properly structured and query-able in ElasticSearch + Kibana?

Mind that catalina.out has not just one uniform format, and that multi-line Java exceptions are going to be registered as well.

I have read some tutorials regarding this, but I feel they weren't sufficiently well-explained for a dummy like me: Lacking examples of full paths to files, appropriate file names, required ubuntu commands, and so on.

Thanks in advance!

Answer 1

You can push the catalina logs also directly to logstash using GELF: http://www.paluch.biz/blog/105-integrating-logstash-with-tomcat-7.html

logstash-gelf does not provide a access logging valve for pushing access logs to logstash.