我想以此格式为每个ECS集群创建自定义索引
(logstash。(集群)。(服务名称)。(日期)。(小时:wq)
我正在运行ec2类型的ecs集群,并在ec2节点上运行了td-agent。 td-agent配置:
<source>
@type forward
tag application.log
@id input_forward
</source>
<source>
@type tail
path /var/log/syslog
pos_file /var/log/td-agent/syslog.log.pos
tag syslog.log
format syslog
</source>
<match syslog.log>
@type kinesis_streams
region ap-south-1
stream_name logging-test
</match>
<filter application.log>
@type record_transformer
<record>
hostname "#{Socket.gethostname}"
stage "lt"
</record>
</filter>
<match application.log>
@type elasticsearch_dynamic
logstash_format true
logstash_prefix logstash-${tag_parts[0]}
include_tag_key true
tag_key _key
host internal-domain
reconnect_on_error true
port 80
flush_interval 5s
</match>