# Look up the address held in the "remoteip" field and store the result under [geoip].
geoip {
source => "remoteip"
target => "geoip"
# Legacy .dat database file; the name suggests a city-level IPv6 database -- confirm.
# NOTE(review): the sample event on this page carries an IPv6 value in remoteip; whether
# this filter release can resolve IPv6 addresses from a .dat file depends on the geoip
# plugin version -- confirm against the plugin documentation for the installed release.
database => "/etc/logstash/mmcity6.dat"
# Two add_field entries on the same field are appended in order, so
# [geoip][coordinates] ends up as a [longitude, latitude] array.
# add_field is only applied when the lookup succeeds, so an event without
# [geoip][coordinates] indicates the lookup itself produced nothing.
# The values are sprintf strings at this point -- presumably converted to numbers later
# (mutate/convert or an index template); verify.
add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ]
}
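# Parse the access-log time held in "timestamp" and write it to @timestamp.
date {
locale => "en"
# "Z" parses the numeric UTC offset carried by the log line (e.g. +0530).
# A hard-coded literal offset only matches lines with exactly that text, and the
# parsed time is then interpreted in the Logstash host's default time zone, which
# skews @timestamp (and any cross-source log correlation) on hosts not set to +05:30.
match => ["timestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]
target => "@timestamp"
}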
# Split key=value pairs; each character in field_split ("&" and "?") is a delimiter.
# No "source" is set, so the filter reads its default field ("message") rather than
# the parsed "request" field -- confirm that is intended.
# No "target" or "include_keys" is set, so every key found becomes a top-level event
# field. Key names in a query string are chosen by the client, so consider bounding
# them (target / include_keys) to avoid collisions with parsed fields and unbounded
# field growth in the index.
kv {
field_split => "&?"
}
}
FORWARDEDipV6 [CLIENTIPV6] HOSTNAME [25/Mar/2016:19:47:13 +0530] HIT "GET URL HTTP/1.1" 200 5 "-" "Apache-HttpClient/UNAVAILABLE (java 1.4)" 0.000 -
"forwarded_ip": "ipv6",
"remoteip": "IPV6",
"loghost": "HOSTN,E",
"timestamp": "25/Mar/2016:19:47:13 +0530",
"cache": "HIT",
"httpmethod": "GET",
"request": "URL",
"httpversion": "1.1",
"response": "200",
"bytes": 5,
"agent": "\"Apache-HttpClient/UNAVAILABLE (java 1.4)\"",
"request_time": 0
但我没有获得地理位置
答案 0 :(得分:0)
该支持是在 Elastic Stack 5 中才刚刚加入的。