我们如何在ELK的logstash中配置模块明智的配置

时间:2019-05-22 09:58:02

标签: logstash kibana elastic-stack logstash-grok logstash-configuration

我需要创建一个模块明智的仪表板,例如用户管理,广告系列管理。如何在logstash中进行配置,以从不同的日志文件中提取所有日志?

Logstash配置:

input {
  beats {
    port => 5044
    ssl  => false
  }
  file {
        path => "C:\data\logs\OCDE.log"
        type => "ocde"
    }
    file {
        path => "C:\data\logs\CLM.log"
        type => "clm"
    }
}

filter {

         if [type] == "ocde"{
        grok {
            match => [ "message" , "%{COMBINEDAPACHELOG}"]
        }
     }
     else if [type] == "clm" {
        grok {
            match => [ "message" , "%{COMBINEDAPACHELOG}"]
        }
     }

   }


output {
    if (document_type= backendlog) {
        elasticsearch {
            hosts => ["localhost:9200"]
            manage_template => false
            index => "enliven_be_log_yyyymmdd"
            document_type => "%{[@metadata][type]}"
        }
    }

}

0 个答案:

没有答案