diff --git a/INSTALL b/INSTALL index 2ca98c9ca..2fc094dad 100644 --- a/INSTALL +++ b/INSTALL @@ -1,10 +1,3 @@ -required gems: -- mkdtemp -- json -- ferret -- file-tail -- stomp - This code is not beta, not alpha, but like something unnamed where only three people in the world have gotten it to run. YMMV. Expect much debuggery. @@ -20,11 +13,13 @@ You should have ruby and rubygems installed. After that install the following gems, via 'gem install gemname' required gems: +- ruby-prof - mkdtemp - json - ferret -- ruby-prof - +- file-tail +- stomp +- uuid You'll also need ruby-grok - see instructions below.. @@ -50,11 +45,18 @@ Check your /etc/ld.so.conf, or /etc/ld.so.conf.d/* . If not already set add /usr/local/lib # RUNNING INSTRUCTIONS -Unpack into /opt/logstash, then cd into that directory +cd into /opt/logstash +You'll need to start stompserver.. From the command line: 'stompserver' +Next start logstashd via 'ruby bin/logstashd.rb' +In another window start up the agent via +'ruby bin/agent.redhat.rb localhost:61613' +This assumes your system is redhat derivative (fedora, centos, etc..) +You should see a bunch of traffic as 'agent' loads log data. -ruby sandbox/srv.rb -... in another window... -ruby sandbox/client.rb /var/log/messages # loads messages into logstash -# ^^ get "Entry was nil" .. -ruby sandbox/searchclient.rb linux-syslog "search_string" +Now search via: +ruby bin/search.rb linux-syslog '*alsa*' +ruby bin/search.rb httpd-access '*favicon.ico*' + +Note: All files will need access to /var/tmp/ruby-uuid so run all scripts +as the same user.. diff --git a/bin/agent.redhat.rb b/bin/agent.redhat.rb new file mode 100755 index 000000000..0d63bc07d --- /dev/null +++ b/bin/agent.redhat.rb 
@@ -0,0 +1,67 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+require 'lib/net/client'
+require 'lib/net/messages/indexevent'
+require 'lib/net/messages/quit'
+require 'lib/file/tail/since'
+require 'stomp'
+require 'socket'
+
+
+class Agent < LogStash::Net::MessageClient
+ def initialize(host, port)
+ super(username="", password="", host=host, port=port)
+ @hostname = Socket.gethostname
+ @msgs = []
+ end # def initialize
+
+ def start_log_watcher
+ @threads = []
+ @threads << Thread.new do
+ File::Tail::Since.new("/var/log/messages").tail do |line|
+ line.chomp!
+ index("linux-syslog", line)
+ end
+ end
+ @threads << Thread.new do
+ File::Tail::Since.new("/var/log/httpd/access_log").tail do |line|
+ line.chomp!
+ index("httpd-access", line)
+ end
+ end
+ end # def start_log_watcher
+
+ def index(type, string)
+ ier = LogStash::Net::Messages::IndexEventRequest.new
+ ier.log_type = type
+ ier.log_data = string
+ ier.metadata["source_host"] = @hostname
+
+ #puts "Sending: #{ier}"
+ sendmsg("/queue/logstash", ier)
+ end # def index
+
+ def IndexEventResponseHandler(msg)
+ if msg.code != 0
+ puts msg.inspect
+ end
+ end # def IndexEventResponseHandler
+
+ def run
+ start_log_watcher
+ super
+ end
+end
+
+
+if $0 == __FILE__
+ if ARGV.length == 0
+ puts "Usage: #{$0} host:port"
+ exit 1
+ end
+ Thread::abort_on_exception = true
+ host, port = ARGV[0].split(":")
+ agent = Agent.new(host, port)
+ agent.run
+end
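Review bot: The `require 'lib/net/client'` lines at the top of bin/agent.redhat.rb resolve against the current working directory, so the agent loads whatever `lib/` tree sits in the directory it is started from. Because it tails /var/log/messages, which usually needs elevated privileges, the load path should be pinned to the install root before the requires, e.g. `$LOAD_PATH.unshift(File.expand_path("..", File.dirname(__FILE__)))`. Separately, `super(username="", password="", host=host, port=port)` in `initialize` connects with empty credentials, and the `name=value` form assigns locals rather than passing keywords. Whether the broker enforces authentication is not visible here, but syslog and access-log lines are being published to `/queue/logstash`, so I would take the credentials from configuration and write the call as `super(user, pass, host, port)`. Finally, `ARGV[0].split(":")` leaves `port` nil when no colon is given; a guard such as `abort "Usage: #{$0} host:port" unless host && port` would fail early.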