zoukankan      html  css  js  c++  java

  • filebeat收集多日志

    1.收集多日志到ES

    1)方式一:

    [root@web01 ~]# vim /etc/filebeat/filebeat.yml
filebeat.inputs:
- type: log
  enable: true
  paths:
    - /var/log/nginx/access.log
  json.keys_under_root: true
  json.overwrite_keys: true
- type: log
  enable: true
  paths:
    - /var/log/messages

output.elasticsearch:
  hosts: ["10.0.0.51:9200"]
  indices:
    - index: "nginx_%{+YYYY-MM-dd}"
      when.contains:
        source: "/var/log/nginx/access.log"
    - index: "message_%{+YYYY-MM-dd}"
      when.contains:
        source: "/var/log/messages"
setup.template.enabled: false
setup.template.name: "nginx"
setup.template.pattern: "nginx-*"

    2)方式二:

    [root@web01 ~]# vim /etc/filebeat/filebeat.yml

filebeat.inputs:
- type: log
  enable: true
  paths:
    - /var/log/nginx/access.log
  json.keys_under_root: true
  json.overwrite_keys: true
  tags: ["nginx"]

- type: log
  enable: true
  paths:
    - /var/log/messages
  tags: ["messages"]

output.elasticsearch:
  hosts: ["10.0.0.51:9200"]
  indices:
    - index: "nginx_%{+YYYY-MM-dd}"
      when.contains:
        tags: "nginx"
    - index: "message_%{+YYYY-MM-dd}"
      when.contains:
        tags: "messages"
setup.template.enabled: false
setup.template.name: "nginx"
setup.template.pattern: "nginx-*"
  • 相关阅读:
    【JS】在JS方法中返回多个值的三种方法
    【装饰】博客园背景轮播
    【jquery】查看全文/收起
    jQuery节点查找方法
    点击事件的累加问题
    微信小程序动画效果集合
    【数组】数组的操作
    【Mock.js】 入门
    【下拉刷新】WEUI下拉刷新
    __iomem作用
  • 原文地址:https://www.cnblogs.com/Applogize/p/13545850.html
Copyright © 2011-2022 走看看