  • elk文件

    =================正则匹配
    [root@web02 conf.d]# cat apache-grok.conf 
    # Pipeline: read the Apache access log, parse each line with grok and
    # index the parsed events into Elasticsearch (plus a debug copy on stdout).
    input {
      file {
        path => "/var/log/httpd/access_log"
        # Label used by the conditionals in the filter and output stages.
        type => "apache_access.log"
        # Only affects files Logstash has not tracked before; files it already
        # knows resume from their recorded position.
        start_position => "beginning"
      }
    }

    filter {
      if [type] == "apache_access.log" {
        grok {
          # COMBINEDAPACHELOG is the built-in pattern for httpd's combined log
          # format. Lines that do not match are tagged _grokparsefailure by
          # default and still flow on to the outputs below.
          # The request, referrer and agent values come from clients, so treat
          # them as untrusted wherever they are later searched or displayed.
          match => { "message" => "%{COMBINEDAPACHELOG}" }
        }
      }
    }

    output {
      if [type] == "apache_access.log" {
        elasticsearch {
          # NOTE(review): no credentials or TLS options are set for this
          # output. Acceptable on an isolated lab network; enable
          # authentication and TLS on the cluster and here before wider use.
          hosts => ["10.0.0.18:9200"]
          # One index per calendar month.
          index => "apache_access-%{+YYYY-MM}"
        }
      }
      # Debug output: placed outside the conditional, so every event is printed.
      stdout {
        codec => rubydebug
      }
    }
    ==============================
    [root@web02 conf.d]# cat grok.conf 
    # Pipeline: interactive grok test bench. Lines typed on stdin are parsed
    # and the resulting event is printed back for inspection.
    input {
      stdin {
      }
    }

    filter {
      grok {
        # Expects five space-separated fields and names them client, method,
        # request, bytes and duration. NUMBER captures are stored as strings
        # unless a type suffix such as :int or :float is added to the capture.
        match => { "message" => "%{IP:client} %{WORD:method} %{URIPATHPARAM:request} %{NUMBER:bytes} %{NUMBER:duration}" }
      }
    }

    output {
      # Pretty-print every event, including ones tagged with a parse failure.
      stdout {
        codec => rubydebug
      }
    }
    =========================
    [root@web02 conf.d]# cat httpd_redis.conf 
    # Pipeline: ship raw Apache access-log lines into a Redis list that acts
    # as a buffer for a downstream consumer. No filter stage is applied here.
    input {
      file {
        path => "/var/log/httpd/access_log"
        # Only affects files Logstash has not tracked before.
        start_position => "beginning"
      }
    }

    output {
      redis {
        # NOTE(review): no `password` is set, so this relies on the Redis
        # instance accepting unauthenticated clients. Anyone who can reach
        # that port can read the buffered logs or push their own entries into
        # the list, which a consumer would then process as events. Keep Redis
        # on a trusted network segment and enable authentication before using
        # this outside a lab.
        host => "10.0.0.18"
        port => "6379"
        db => "6"
        # Events are appended to the list named by `key`.
        data_type => "list"
        key => "demo"
      }
    }
    ============================
    [root@web02 conf.d]# cat nginx.conf 
    # Pipeline: read an nginx access log that is written as JSON and index the
    # events into Elasticsearch (plus a debug copy on stdout).
    input {
      file {
        path => "/var/log/nginx/access_log_jason.log"
        # Each line is decoded as a JSON object. Lines that fail to decode are
        # kept as plain text and tagged _jsonparsefailure.
        codec => "json"
        type => "nginx-access-log"
        # start_position is not set, so the file input's default applies.
      }
    }

    # Intentionally empty: the JSON codec already yields structured fields.
    filter {
    }

    output {
      elasticsearch {
        # NOTE(review): no credentials or TLS options are set for this output.
        # Acceptable on an isolated lab network; enable authentication and
        # TLS on the cluster and here before wider use.
        hosts => ["10.0.0.18:9200"]
        # One index per day.
        index => "nginx-access-log-%{+YYYY.MM.dd}"
      }
      # Debug output: prints every event.
      stdout {
        codec => rubydebug
      }
    }
    ======================
    
    
    [root@web02 conf.d]# cat redis.conf 
    # Pipeline: push lines typed on stdin into a Redis list, as a manual test
    # of the Redis output.
    input {
      stdin {
      }
    }

    # Intentionally empty: events are forwarded unmodified.
    filter {
    }

    output {
      redis {
        # NOTE(review): no `password` is set, so this relies on the Redis
        # instance accepting unauthenticated clients. Keep Redis on a trusted
        # network segment and enable authentication before using this outside
        # a lab.
        host => "10.0.0.18"
        port => "6379"
        db => "6"
        # Events are appended to the list named by `key`.
        data_type => "list"
        key => "demo"
      }
    }
    

     

  • 原文地址:https://www.cnblogs.com/gaoyuechen/p/8361635.html