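# Inputs: tail the Tomcat console log and the Apache httpd access log.
# Each event is tagged with a `type` that the output section routes on.
# String values use plain ASCII double quotes; typographic quotes are not
# valid in a Logstash pipeline file and stop it from loading.
input {
  file {
    type => "tomcat"
    # NOTE(review): this log lives under /root, so Logstash needs root-level
    # read access to follow it. Prefer a log directory readable by a
    # dedicated, unprivileged Logstash account.
    # NOTE(review): the path suggests a payment service; check that
    # catalina.out carries no card data or credentials before shipping it.
    path => "/root/tomcat_8027_payment/logs/catalina.out"
    # Read files from the start the first time they are seen; files already
    # tracked in the sincedb resume from their recorded offset.
    start_position => "beginning"
    # NOTE(review): the meaning of 0 differs between file-input plugin
    # versions; confirm against the installed version that files are not skipped.
    ignore_older => 0
  }
  file {
    type => "http"
    path => "/var/log/httpd/access_log"
    start_position => "beginning"
    ignore_older => 0
  }
}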
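# Filters: parse Apache combined-format access lines and enrich them with
# GeoIP data for the client address.
filter {
  # Only the httpd access log is in combined log format. Guarding on type
  # keeps Tomcat events from being tagged _grokparsefailure by a pattern
  # that can never match them.
  if [type] == "http" {
    grok {
      match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
    # `clientip` is the field COMBINEDAPACHELOG extracts for the remote address.
    # NOTE(review): behind a reverse proxy this is the proxy's address, and a
    # forwarded-for header is client-controlled; do not treat the resulting
    # location as trustworthy without checking how requests reach httpd.
    geoip {
      source => "clientip"
    }
  }
}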
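# Outputs: route each event to an Elasticsearch index named after its type.
# Events whose type is neither "tomcat" nor "http" are not sent anywhere.
#
# NOTE(review): neither elasticsearch block sets credentials or TLS, so
# application and access logs cross the network unauthenticated and in clear
# text, and the cluster must be accepting anonymous writes for this to work.
# Enable authentication and TLS on the cluster, then set the plugin's
# user/password and TLS options (TLS option names depend on the plugin version).
# NOTE(review): both indices are fixed names with no date component, so they
# grow without bound; plan retention separately.
output {
  if [type] == "tomcat" {
    elasticsearch {
      action => "index"
      hosts => [ "192.168.57.139:9200" ]
      index => "tomcat"
    }
  }
  if [type] == "http" {
    elasticsearch {
      action => "index"
      hosts => [ "192.168.57.139:9200" ]
      index => "http"
    }
  }
}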