Push events to an Amazon Web Services Simple Queue Service (SQS) queue.
SQS is a simple, scalable queue system that is part of the Amazon Web Services suite of tools.
Although SQS is similar to other queuing systems like AMQP, it uses a custom API and requires that you have an AWS account. See http://aws.amazon.com/sqs/ for more details on how SQS works, what the pricing schedule looks like and how to setup a queue.
To use this plugin, you must:
The “consumer” identity must have the following permissions on the queue:
Typically, you should setup an IAM policy, create a user and apply the IAM policy to the user. A sample policy is as follows:
{
"Statement": [
{
"Sid": "Stmt1347986764948",
"Action": [
"sqs:ChangeMessageVisibility",
"sqs:ChangeMessageVisibilityBatch",
"sqs:DeleteMessage",
"sqs:DeleteMessageBatch",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"sqs:ListQueues",
"sqs:ReceiveMessage"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sqs:us-east-1:200850199751:Logstash"
]
}
]
}
See http://aws.amazon.com/iam/ for more details on setting up AWS identities.
output {
sqs {
access_key_id => ... # string (optional)
aws_credentials_file => ... # string (optional)
batch => ... # boolean (optional), default: true
batch_events => ... # number (optional), default: 10
batch_timeout => ... # number (optional), default: 5
codec => ... # codec (optional), default: "plain"
proxy_uri => ... # string (optional)
queue => ... # string (required)
region => ... # string, one of ["us-east-1", "us-west-1", "us-west-2", "eu-west-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "sa-east-1", "us-gov-west-1"] (optional), default: "us-east-1"
secret_access_key => ... # string (optional)
use_ssl => ... # boolean (optional), default: true
workers => ... # number (optional), default: 1
}
}
This plugin uses the AWS SDK and supports several ways to get credentials, which will be tried in this order…
1. Static configuration, using access_key_id and secret_access_key params in logstash plugin config
2. External credentials file specified by aws_credentials_file
3. Environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
4. Environment variables AMAZON_ACCESS_KEY_ID and AMAZON_SECRET_ACCESS_KEY
5. IAM Instance Profile (available when running inside EC2)
Path to YAML file containing a hash of AWS credentials.
This file will only be loaded if access_key_id and
secret_access_key aren’t set. The contents of the
file should look like this:
:access_key_id: "12345"
:secret_access_key: "54321"
Set to true if you want send messages to SQS in batches with batch_send from the amazon sdk
If batch is set to true, the number of events we queue up for a batch_send.
If batch is set to true, the maximum amount of time between batch_send commands when there are pending events to flush.
The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output, without needing a separate filter in your Logstash pipeline.
Only handle events without any of these tags. Note this check is additional to type and tags.
URI to proxy server if required
Name of SQS queue to push messages into. Note that this is just the name of the queue, not the URL or ARN.
The AWS Region
The AWS Secret Access Key
Only handle events with all of these tags. Note that if you specify a type, the event must also match that type. Optional.
The type to act on. If a type is given, then this output will only act on messages with the same type. See any input plugin’s “type” attribute for more. Optional.
Should we require (true) or disable (false) using SSL for communicating with the AWS API
The AWS SDK for Ruby defaults to SSL so we preserve that
The number of workers to use for this output. Note that this setting may not be useful for all outputs.