log4j2-elasticsearch overview

This is a parent project for log4j2 appender plugins capable of pushing logs in batches to Elasticsearch clusters.

Project consists of:

• log4j-elasticsearch-core - skeleton provider for conrete implementations
• log4j-elasticsearch-jest - Jest HTTP Client compatible with Elasticsearch 2.x, 5.x and 6.x clusters
• log4j-elasticsearch2-bulkprocessor - TCP client compatible with 2.x clusters
• log4j-elasticsearch5-bulkprocessor - TCP client compatible with 5.x and 6.x clusters

Features

• Asynchronous log delivery
• Batch size and flush interval configuration
• Failover (redirect failed batch to alternative target)
• JSON message format (user-provided or default)
• (since 1.1) Index rollover (hourly, daily, etc.)
• (1.1) Index template configuration
• (1.2) Basic Authentication (XPack Security and Shield support)
• (1.2) HTTPS support (XPack Security and Shield - visit submodules for compatibility matrix)

Usage

1. Add this snippet to your pom.xml file:

<dependency>
    <groupId>org.appenders.log4j</groupId>
    <artifactId>log4j2-elasticsearch-jest</artifactId>
    <version>1.2.0</version>
</dependency>

(ensure that Log4j2 and Jackson FasterXML jars are added as well - see Dependencies section below)

2. Add this snippet to log4j2.xml configuration:

<Appenders>
    <Elasticsearch name="elasticsearchAsyncBatch">
        <IndexName indexName="log4j2" />
        <AsyncBatchDelivery>
            <JestHttp serverUris="http://localhost:9200" />
        </AsyncBatchDelivery>
    </Elasticsearch>
</Appenders>

or configure programmatically

3. log.info("Hello, World!");

Dependencies

Be aware that Jackson FasterXML jars that has to be provided by user for this library to work in default mode. Please visit mvnrepository for an overview of provided and compile dependencies

Released to Sonatype OSS repos

Visit submodules' documentation or mvnrepository for XML snippets.