logstash 处理nginx 访问日志
2016-08-24 15:43
525 查看
[root@dr-mysql01 frontend]# cat logstash_frontend.conf input { file { type => "zj_frontend_access" path => ["/data01/applog_backup/zjzc_log/zj-frontend0*access*"] } file { type => "wj_frontend_access" path => ["/data01/applog_backup/winfae_log/wj-frontend0*access*"] } } filter { grok { match => { "message" => "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>\S+)\" \"(?<http_x_forwarded_for>\S+)\"" } } } output { if [type] == "zj_frontend_access" { redis { host => "192.168.32.67" data_type => "list" key => "zj_frontend_access:redis" port=>"6379" password => "1234567" } } else if [type] == "wj_frontend_access"{ redis { host => "192.168.32.67" data_type => "list" key => "wj_frontend_access:redis" port=>"6379" password => "1234567" } } } [root@dr-mysql01 frontend]# cat logstash_indexer.conf input { redis { host => "192.168.32.67" data_type => "list" key => "zj_frontend_access:redis" password => "1234567" port =>"6379" } redis { host => "192.168.32.67" data_type => "list" key => "wj_frontend_access:redis" password => "1234567" port =>"6379" } } output { if [type] == "zj_frontend_access"{ elasticsearch { hosts => "192.168.32.80:9200" index => "logstash-zjzc-frontend-%{+YYYY.MM.dd}" } stdout { codec => rubydebug } } else if [type] == "wj_frontend_access"{ elasticsearch { hosts => "192.168.32.81:9200" index => "logstash-wj-frontend-%{+YYYY.MM.dd}" } stdout { codec => rubydebug } } }
相关文章推荐
- LOGSTASH+ELASTICSEARCH+KIBANA处理NGINX访问日志
- logstash 处理nginx 访问日志
- Logstash+ElasticSearch+Kibana处理nginx访问日志(转)
- Logstash -- Nginx 日志收集处理!
- LOGSTASH+ELASTICSEARCH+KIBANA处理OSS访问日志
- logstash 处理nginx 错误日志
- 使用logstash收集nginx访问日志
- logstash收集nginx访问日志
- ELK+syslog+nginx访问日志收集+分词处理
- 使用Logstash分析纪录Nginx服务器访问及错误日志
- 搭建ELK(ElasticSearch+Logstash+Kibana)日志分析系统(八) elasticsearch配置外网访问及常见错误处理
- logstash nginx error access 日志处理
- logstash 处理nginx 错误日志
- nginx 或tengine 访问日志分割处理
- logstash 过虑nginx访问日志
- awstats分析nginx日志访问404问题
- Linux下定时切割Nginx访问日志并打包压缩的Shell脚本
- 使用 Nginx 和 GeoIP 模块来处理不同国家的访问
- 使用awstat分析Nginx的访问日志
- 使用webalizer分析nginx 访问日志