| ... | @@ -77,9 +77,8 @@ The configuration is made in /etc/logstash/conf.d/logstash.conf |
... | @@ -77,9 +77,8 @@ The configuration is made in /etc/logstash/conf.d/logstash.conf |
|
|
ssl_certificate => "/etc/ssl/logstash-forwarder.crt"
|
|
ssl_certificate => "/etc/ssl/logstash-forwarder.crt"
|
|
|
ssl_key => "/etc/ssl/logstash-forwarder.key"
|
|
ssl_key => "/etc/ssl/logstash-forwarder.key"
|
|
|
}
|
|
}
|
|
|
}
|
|
} `
|
|
|
filter {
|
|
` filter {
|
|
|
# if [type] == "application" {
|
|
|
|
|
grok {
|
|
grok {
|
|
|
match => { "message" => "%{MONTH} %{MONTHDAY}, %{YEAR} %{HOUR}:%{MINUTE}: %{WORD:status} %{WORD:category}: %{GREEDYDATA:key_values}" }
|
|
match => { "message" => "%{MONTH} %{MONTHDAY}, %{YEAR} %{HOUR}:%{MINUTE}: %{WORD:status} %{WORD:category}: %{GREEDYDATA:key_values}" }
|
|
|
}
|
|
}
|
| ... | @@ -91,14 +90,11 @@ filter { |
... | @@ -91,14 +90,11 @@ filter { |
|
|
remove_field => [ "message", "key_values" ]
|
|
remove_field => [ "message", "key_values" ]
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
# }
|
|
|
|
|
#}
|
|
|
|
|
# if [type] == "production"
|
|
|
|
|
json {
|
|
json {
|
|
|
source => "message"
|
|
source => "message"
|
|
|
}
|
|
}
|
|
|
}
|
|
} `
|
|
|
output {
|
|
` output {
|
|
|
elasticsearch {
|
|
elasticsearch {
|
|
|
hosts => ["localhost:9200"]
|
|
hosts => ["localhost:9200"]
|
|
|
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
|
|
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
|
| ... | |
... | |
| ... | | ... | |
