Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2018/05/11 23:08:28 [error] 53734#53734: *621532077 upstream prematurely closed connection while reading response header from upstream, client: 192.168.22.10, server: www.testserver.pt, request: "GET /methods/userinfo.ashx/getUserOpenBetsData? HTTP/2.0", upstream: "https://188.11.2.3:443/methods/userinfo.ashx/getUserOpenBetsData?", host: "www.testserver.pt", referrer: "https://www.testserver.pt/"
- input {
- beats {
- port => "5044"
- }
- }
- filter {
- grok{
- match => {"message" => '%{F_TIMESTAMP: timestamp} [%{DATA:Message_type}] %{DATA:EventId}: *%{NUMBER:Secondaryid} %{GREEDYDATA:Message}, client: %{IP:origin}, server: %{URIHOST:domain}, request: "%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}", upstream: %{QS:userRequest}, host: "%{URIHOST:host}", referrer: %{QS:referrer}'}
- }
- date{
- locale => "en"
- match => ["timestamp", "YYYY/MM/dd HH:mm:ss"]
- target => "@timestamp"
- }
- }
- output {
- elasticsearch {
- hosts => [ "localhost:9200" ]
- index => "logstash-%{+YYYY.MM.dd.HH}"
- user => "elastic"
- password => "changeme"
- (?<timestamp>%{YEAR}[./]%{MONTHNUM}[./]%{MONTHDAY} %{TIME}) [%{LOGLEVEL:severity}] %{POSINT:pid}#%{NUMBER:threadid}: *%{NUMBER:connectionid} %{GREEDYDATA:errormessage}, client: %{IP:client}, server: %{GREEDYDATA:server}, request: %{GREEDYDATA:request}
- {
- "timestamp": [
- [
- "2018/05/11 23:08:28"
- ]
- ],
- "YEAR": [
- [
- "2018"
- ]
- ],
- "MONTHNUM": [
- [
- "05"
- ]
- ],
- "MONTHDAY": [
- [
- "11"
- ]
- ],
- "TIME": [
- [
- "23:08:28"
- ]
- ],
- "HOUR": [
- [
- "23"
- ]
- ],
- "MINUTE": [
- [
- "08"
- ]
- ],
- "SECOND": [
- [
- "28"
- ]
- ],
- "severity": [
- [
- "error"
- ]
- ],
- "pid": [
- [
- "53734"
- ]
- ],
- "threadid": [
- [
- "53734"
- ]
- ],
- "BASE10NUM": [
- [
- "53734",
- "621532077"
- ]
- ],
- "connectionid": [
- [
- "621532077"
- ]
- ],
- "errormessage": [
- [
- "upstream prematurely closed connection while reading response header from upstream"
- ]
- ],
- "client": [
- [
- "192.168.22.10"
- ]
- ],
- "IPV6": [
- [
- null
- ]
- ],
- "IPV4": [
- [
- "192.168.22.10"
- ]
- ],
- "server": [
- [
- "www.testserver.pt"
- ]
- ],
- "request": [
- [
- ""GET /methods/userinfo.ashx/getUserOpenBetsData? HTTP/2.0", upstream: "https://188.11.2.3:443/methods/userinfo.ashx/getUserOpenBetsData?", host: "www.testserver.pt", referrer: "https://www.testserver.pt/""
- ]
- ]
- }
Add Comment
Please, Sign In to add comment