zoukankan      html  css  js  c++  java

  • elk文件

    =================正则匹配
[root@web02 conf.d]# cat apache-grok.conf 
input{
  file {
    path => "/var/log/httpd/access_log"
    type => "apache_access.log"
    start_position => "beginning"
  }
}

filter {
  if [type] == "apache_access.log" {
    grok {
      match => {"message" => "%{COMBINEDAPACHELOG}" } # 内置httpd正则
      }
  }
}

output{
	 if [type] == "apache_access.log" {
         	elasticsearch {
      			hosts => ["10.0.0.18:9200"]
      			index=> "apache_access-%{+YYYY-MM}"
    		}
  	}
	stdout {
		codec => rubydebug
	}
}
==============================
[root@web02 conf.d]# cat grok.conf 
input {
	stdin {

	}
}


filter {
	grok {
		 match => { "message" => "%{IP:client} %{WORD:method} %{URIPATHPARAM:request} %{NUMBER:bytes} %{NUMBER:duration}" }
	}


}


output {

	stdout {
		codec => rubydebug
	}

}
=========================
[root@web02 conf.d]# cat httpd_redis.conf 
input {
	file {

		path => "/var/log/httpd/access_log"
		start_position => "beginning"
	}


}

output {
	redis {
		host => "10.0.0.18"
		port => "6379"
		db => "6"
		data_type => "list"
		key => "demo"

	}

}
============================
[root@web02 conf.d]# cat nginx.conf 
input {
	file {
		path => "/var/log/nginx/access_log_jason.log"
		codec => "json"
		type => "nginx-access-log"
	}


}


filter {



}


output {
	elasticsearch {
		hosts => ["10.0.0.18:9200"]
		index => "nginx-access-log-%{+YYYY.MM.dd}"

	}
	stdout{
		codec => rubydebug
	}

}
======================


[root@web02 conf.d]# cat redis.conf 
input {
	stdin {

	}


}



filter {



}

output {
	redis {

		host => "10.0.0.18"
		port  => "6379"
		db => "6"
		data_type => "list"
		key => "demo"
	}



}

     
  • 相关阅读:
    构造函数详解
    左值和左值引用、右值和右值引用
    Lambda函数
    std::thread详解
    运算符重载
    友元函数和友元类
    xadmin list_filter 外键数据不显示
    中缀表达式转后缀表达式
    Centos 7 minimal 联网
    python 运用三目判断对象中多个属性 有且非空
  • 原文地址:https://www.cnblogs.com/gaoyuechen/p/8361635.html
Copyright © 2011-2022 走看看