zoukankan      html  css  js  c++  java

  • 场景示例 Nginx 访问日志

    http {
    include       mime.types;
    default_type  application/octet-stream;
      log_format  main  '$remote_addr [$time_local] "$request" '
                      '$request_body $status $body_bytes_sent "$http_referer" "$http_user_agent" '
                      '$request_time $http_x_forwarded_for';


日志格式:
121.40.228.39 [01/Sep/2016:11:04:46 +0800] "GET / HTTP/1.1" - 200 20698 "-" "curl/7.44.0" 0.001 -

10.168.255.134 [01/Sep/2016:11:04:48 +0800] "GET /account/fund/fundDetail.html?1472699086917 HTTP/1.1" - 200 3777 "https://wenjinbao.winfae.com/account/myAccount.html" "Mozilla/5.0 (Windows NT 5.1) 

AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.108 Safari/537.36 2345Explorer/7.1.0.12633" 0.000 115.226.250.21


}
filter {
    grok {
        match => {
             "message" => "%{IPORHOST:clientip} [%{HTTPDATE:time}] "%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}" - %{NUMBER:http_status_code} %{NUMBER:bytes} "(?

<http_referer>S+)" "(?<http_user_agent>(S+s+)*S+)" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)"
        }
    }   
}




elasticsearch:
{

    "_index": "logstash-wj-frontend-2016.09.01",
    "_type": "wj_frontend_access",
    "_id": "AVbju8BdiJd39o4dhL8S",
    "_version": 1,
    "_score": 1,
    "_source": {
        "message": " 10.168.255.134 [01/Sep/2016:11:14:16 +0800] "GET /resources/css/productInfo.74752cfb.css?_v=${last.updated} HTTP/1.1" - 200 20102 

"https://wenjinbao.winfae.com/products/productInfo.html?productSn=634" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36" 0.001 

115.234.131.214",
        "@version": "1",
        "@timestamp": "2016-09-01T03:14:48.323Z",
        "path": "/data01/applog_backup/winfae_log/wj-frontend01-access.2016-09-01",
        "host": "dr-mysql01.zjcap.com",
        "type": "wj_frontend_access",
        "clientip": "10.168.255.134",
        "time": "01/Sep/2016:11:14:16 +0800",
        "verb": "GET",
        "request": "/resources/css/productInfo.74752cfb.css?_v=${last.updated}",
        "httpversion": "1.1",
        "http_status_code": "200",
        "bytes": "20102",
        "http_referer": "https://wenjinbao.winfae.com/products/productInfo.html?productSn=634",
        "http_user_agent": "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36",
        "request_time": "0.001",
        "http_x_forwarded_for": "115.234.131.214"
    }

}
  • 相关阅读:
    第二十九课 循环链表的实现
    第二十八课 再论智能指针(下)
    第二十七课 再论智能指针(上)
    第二十六课 典型问题分析(Bugfix)
    普通new和placement new的重载
    leetcode 581. Shortest Unsorted Continuous Subarray
    leetcode 605. Can Place Flowers
    leetcode 219. Contains Duplicate II
    leetcode 283. Move Zeroes
    leetcode 217. Contains Duplicate
  • 原文地址:https://www.cnblogs.com/hzcya1995/p/13350317.html
Copyright © 2011-2022 走看看