elk 之 logstash + elasticsearch
2018-08-15 本文已影响0人
台风口的猪
input {
file{
path =>"/root/zym/log/logstash-tutorial.log/*"
start_position=>"beginning"
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}"}
}
geoip {
source => "clientip"
}
}
output {
elasticsearch {
hosts => [ "localhost:9200" ]
}
}
