Why not to use standard files?
Usually, when you are working with Sitecore you will have standard file-based logs. For development, this is more than enough but when it comes to other environments it could be very nice to have all logs centralized. Moreover need to be sure that logs are not lost in cases when something went wrong and it is easy to find information in it. So my goal is to create a solution base on EKL (ElasticSearch+Logstash+Kibana) which will get log data from Sitecore and provide possibilities to search and work with them.
[caption id=“attachment_46” align=“alignleft” width=“660”] Kibana Query interface[/caption]
Solution
First try
First of all, I’ve tried to use a file-based input plugin from Logstash and it wasn’t successful :) It works, but there were some troubles. The plugin locks all files to check updates & Sitecore is doing the same, so this will lead to potential issues. So I looked through other logstash input plugins and stopped at rabbitmq
RabbitMQ is a messages broker that works on AMQP.
What is AMQP?
AMQP (Advanced Message Queuing Protocol) is a networking protocol that enables conforming client applications to communicate with conforming messaging middleware brokers.
Brokers and Their Role
Messaging brokers receive messages from publishers (applications that publish them, also known as producers) and route them to consumers (applications that process them).
The next step was to integrate Sitecore with RabbitMQ but I will describe it in a separate post.