logstash增加对tomcat和http的监控

By | 2017年2月23日

input {
file {
type => “tomcat”
path => “/root/tomcat_8027_payment/logs/catalina.out”
start_position => beginning
ignore_older => 0
}
file {
type => “http”
path => “/var/log/httpd/access_log”
start_position => beginning
ignore_older => 0
}
}
filter {
grok {
match => { “message” => “%{COMBINEDAPACHELOG}”}
}
geoip {
source => “clientip”
}
}
output {
if [type] == “tomcat” {
elasticsearch {
action => “index”
hosts => [ “192.168.57.139:9200” ]
index => “tomcat”
}
}
if [type] == “http” {
elasticsearch {
action => “index”
hosts => [ “192.168.57.139:9200” ]
index => “http”
}
}
}

Category: os 标签:

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注