Hello,

I found this really great step by step guide on how to set that all up on Ubuntu here:

https://www.elastic.co/blog/how-to-centralize-logs-with-rsyslog-logstash-and-elasticsearch-on-ubuntu-14-04

The only thing is that it is for Ubuntu 14.04 so you might have to be a bit creative though it is still the same concept!

Regards,
Bobby