zoukankan      html  css  js  c++  java

  • logstash安装log4j插件

    本文主要参考:https://www.cnblogs.com/chinway/p/9841759.html

    目前的环境如下:

    logstash-6.2.4

    elasticsearch-6.2.4

    kibana-6.2.4-linux-x86_64

    centos 5.5

    在安装好ELK的情况下

    对logstash操作

    /usr/local/app/logstash-6.2.4/config

     vi log4j_es.conf

    input {
    log4j {
        host => "127.0.0.1"
        port => 4560
    }
}

output {
    stdout {
      codec => rubydebug
    }
    elasticsearch{
        hosts => ["localhost:9200"]
        index => "log4j-%{+YYYY.MM.dd}"
        document_type => "log4j_type"
    }
}

     启动Logstash

    ./bin/logstash -f config/log4j-es.conf

    当出现错误时

    input加入log4j插件启动报如下错误

    [2019-11-07T16:25:57,709][ERROR][logstash.plugins.registry] Tried to load a plugin's code, but failed. {:exception=>#<LoadError: no such file to load -- logstash/inputs/log4j>, :path=>"logstash/inputs/log4j", :type=>"input", :name=>"log4j"}
    说明还没安装插件logj4

    去到bin目录下面执行./logstash-plugin list

    发现插件列表还真没有logstash-input-log4j插件

    安装插件

    ./logstash-plugin install logstash-input-log4j

    安装会比较慢,需等待

     

     在项目中log4j.properties(放在resources文件夹下)

    ### 设置###
log4j.rootLogger = debug,stdout,D,E,logstash

### 输出信息到控制抬 ###
log4j.appender.stdout = org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target = System.out
log4j.appender.stdout.layout = org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern = [%-5p] %d{yyyy-MM-dd HH:mm:ss,SSS} method:%l%n%m%n

### 输出DEBUG 级别以上的日志到=/Users/bee/Documents/elk/log4j/debug.log###
log4j.appender.D = org.apache.log4j.DailyRollingFileAppender
log4j.appender.D.File = /Users/KG/Documents/logs/elk/debug.log
log4j.appender.D.Append = true
log4j.appender.D.Threshold = DEBUG
log4j.appender.D.layout = org.apache.log4j.PatternLayout
log4j.appender.D.layout.ConversionPattern = %-d{yyyy-MM-dd HH:mm:ss}  [ %t:%r ] - [ %p ]  %m%n

### 输出ERROR 级别以上的日志到=/Users/bee/Documents/elk/log4j/error.log  ###
log4j.appender.E = org.apache.log4j.DailyRollingFileAppender
log4j.appender.E.File =/Users/KG/Documents/logs/elk/error.log
log4j.appender.E.Append = true
log4j.appender.E.Threshold = ERROR
log4j.appender.E.layout = org.apache.log4j.PatternLayout
log4j.appender.E.layout.ConversionPattern = %-d{yyyy-MM-dd HH:mm:ss}  [ %t:%r ] - [ %p ]  %m%n

#输出日志到logstash
log4j.appender.logstash=org.apache.log4j.net.SocketAppender
log4j.appender.logstash.RemoteHost=127.0.0.1
log4j.appender.logstash.port=4560
log4j.appender.logstash.ReconnectionDelay=60000
log4j.appender.logstash.LocationInfo=true
  • 相关阅读:
    python ping监控
    MongoDB中一些命令
    进制转换(十进制转十六进制 十六进制转十进制)
    通过ssh建立点对点的隧道,实现两个子网通信
    linux环境下的各种后台执行
    python requests请求指定IP的域名
    不需要修改/etc/hosts,curl直接解析ip请求域名
    MongoDB数据update的坑
    windows平台使用Microsoft Visual C++ Compiler for Python 2.7编译python扩展
    rabbitmq问题之HTTP access denied: user 'guest'
  • 原文地址:https://www.cnblogs.com/fuanyu/p/15602947.html
Copyright © 2011-2022 走看看