LogStash配置
官方文档:https://www.elastic.co/guide/en/logstash/current/index.html
查看yum安装路径
rpm -ql logstash |more
LogStash使用
1)标准输入、标准输出插件
/opt/logstash/bin/logstash -e 'input { stdin{} } output { stdout{} }'
2)标准输入、标准输出插件,输出显示json格式
/opt/logstash/bin/logstash -e 'input { stdin{} } output { stdout{ codec => rubydebug } }'
3)标准输入、输出elasticsearch插件
/opt/logstash/bin/logstash -e 'input { stdin{} } output { elasticsearch { hosts => ["192.168.137.11:9200"] index => "logstash-%{+YYYY.MM.dd}" } }'
4)标准输入、两个输出:标准输出插件和elasticsearch插件
/opt/logstash/bin/logstash -e 'input { stdin{} } output { stdout{ codec => rubydebug } elasticsearch { hosts => ["192.168.137.11:9200"] index => "logstash-%{+YYYY.MM.dd}" } }'
logstash配置文件使用
通过yum安装默认路径/etc/logstash/conf.d
如果要改变路径,可以配置/etc/init.d/logstash启动脚本中LS_CONF_DIR参数
编写demo.conf文件,通过配置文件实现标准输入、两个输出:标准输出插件和elasticsearch插件
vim /etc/logstash/conf.d/demo.conf
input{
stdin{}
}
filter{
}
output{
elasticsearch {
hosts => ["192.168.137.11:9200"]
index => "logstash-%{+YYYY.MM.dd}"
}
stdout{
codec => rubydebug
}
}
备注:配置文件中#表示注释。
启动/opt/logstash/bin/logstash -f /etc/logstash/conf.d/demo.conf
