Logstash_Apache日志采集-白红宇

Logstash_Apache日志采集

阅读量：5152 次

发布时间：2019-06-13

本文共 1461 字，大约阅读时间需要 4 分钟。

[root@Cagios logstash-2.1.0]# cat /usr/local/logstash-2.1.0/logstash_agent.conf input {  file {    type => "apache_access"    path => ["/var/log/httpd/access_log"]  }}filter {  grok {    match => {
   "message" => "%{COMBINEDAPACHELOG}"}  }}output {  stdout {codec => rubydebug }  redis {    host => '192.168.55.133'    data_type => 'list'    key => 'logstash:redis'  }}

# 采集到的日志格式{        "message" => "192.168.55.1 - - [08/Dec/2015:12:35:21 +0800] \"POST /zabbix/jsrpc.php?output=json-rpc HTTP/1.1\" 200 64 \"http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"",       "@version" => "1",     "@timestamp" => "2015-12-08T04:35:21.342Z",           "host" => "0.0.0.0",           "path" => "/var/log/httpd/access_log",           "type" => "apache_access",       "clientip" => "192.168.55.1",          "ident" => "-",           "auth" => "-",      "timestamp" => "08/Dec/2015:12:35:21 +0800",           "verb" => "POST",        "request" => "/zabbix/jsrpc.php?output=json-rpc",    "httpversion" => "1.1",       "response" => "200",          "bytes" => "64",       "referrer" => "\"http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f\"",          "agent" => "\"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\""}