

Ask HN: What is more reliable, logstash or rsyslog? - uptownhr

Trying to decide if i should replace rsyslog with logstash or read off of rsyslog&#x27;s file and use logstash to insert to elastic search.<p>I&#x27;m thinking rsyslog is not required but not sure if logstash is more stable than rsyslog.
======
radu0gheorghe
They are both reliable and they both have Elasticsearch outputs (recipe for
rsyslog+Elasticsearch+Kibana here:
[http://blog.sematext.com/2013/07/01/recipe-rsyslog-
elasticse...](http://blog.sematext.com/2013/07/01/recipe-rsyslog-
elasticsearch-kibana/)). I would stick with rsyslog if you only need to send
syslog to Elasticsearch (maybe upgrade to a recent version, the ones from most
distros are ancient). Logstash is more flexible and easy to use, so if I have
something that rsyslog can't do or it's too messy, I would replace it with
Logstash, or just install Logstash alongside rsyslog (normally, rsyslog is
very light)

------
sumodirjo
Both should be reliable. The benefit you get with logstash or ELK
(Elasticsearch, Logstash, Kibana) is that you can graph the log, search the
logs easily from multiple servers and set alert based on anomaly pattern found
on logs.

------
runjake
You've provided no context, so I couldn't provide you with a meaningful
answer. On the face of it, they are both stable at high loads.

------
uptownhr
thanks for everyone's answers.

