zoukankan      html  css  js  c++  java

  • Logstash_Apache日志采集

    [root@Cagios logstash-2.1.0]# cat /usr/local/logstash-2.1.0/logstash_agent.conf 
input {
  file {
    type => "apache_access"
    path => ["/var/log/httpd/access_log"]
  }
}

filter {
  grok {
    match => {"message" => "%{COMBINEDAPACHELOG}"}
  }
}

output {
  stdout {codec => rubydebug }
  redis {
    host => '192.168.55.133'
    data_type => 'list'
    key => 'logstash:redis'
  }
}
    # 采集到的日志格式

{
        "message" => "192.168.55.1 - - [08/Dec/2015:12:35:21 +0800] "POST /zabbix/jsrpc.php?output=json-rpc HTTP/1.1" 200 64 "http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36"",
       "@version" => "1",
     "@timestamp" => "2015-12-08T04:35:21.342Z",
           "host" => "0.0.0.0",
           "path" => "/var/log/httpd/access_log",
           "type" => "apache_access",
       "clientip" => "192.168.55.1",
          "ident" => "-",
           "auth" => "-",
      "timestamp" => "08/Dec/2015:12:35:21 +0800",
           "verb" => "POST",
        "request" => "/zabbix/jsrpc.php?output=json-rpc",
    "httpversion" => "1.1",
       "response" => "200",
          "bytes" => "64",
       "referrer" => ""http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f"",
          "agent" => ""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36""
}
  • 相关阅读:
    循环移位算法
    关于Java中2.0-1.1!=0.9的问题
    Java基础语法(三)
    Java基础语法(二)
    Java基础语法(一)
    关于Java运行机制
    Java从零开始(前篇)
    关于.ssh目录下的known_hosts文件的补充
    解决 bash cd too many arguments 报错
    Markdown学习笔记(一)
  • 原文地址:https://www.cnblogs.com/caoguo/p/5028719.html
Copyright © 2011-2022 走看看