- stdin {
- }
- # beats {
- # port => 5044
- # }
- }
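- # Turn raw Apache access, SSL-access and error log lines into structured fields
- # and set @timestamp from the time recorded in the log line.
- # Lines that match no grok pattern are still forwarded; by default grok tags
- # them _grokparsefailure and they keep the ingest time as @timestamp.
- filter {
-   # Access and SSL-access logs share one layout: a leading [LogID] followed by
-   # the combined log format, so a single branch handles both types.
-   if [type] in [ "apache-access", "apache-ssl" ] {
-     grok {
-       match => { "message" => "\[%{DATA:LogID}\]\s%{COMBINEDAPACHELOG}" }
-     }
-     date {
-       match => [ "timestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]
-     }
-   }
-   if [type] == "apache-error" {
-     grok {
-       # The capture name was "src filename"; a grok field name cannot contain a
-       # space, so that token was never expanded. Renamed to src_filename.
-       # NOTE(review): GREEDYDATA is captured into the existing "message" field;
-       # without grok's overwrite option the field becomes an array - confirm
-       # whether that is intended.
-       match => { "message" => "\[%{DATA:LogID}\]\s\[%{TIMESTAMP_ISO8601:timestamp}\]\s\[.*: %{LOGLEVEL:loglevel}\]\s\[\w+: %{NUMBER:pid}\]\s\[%{IPORHOST:client}\:%{POSINT:port}\]\s\[%{DATA:src_filename}\]\s(\[%{DATA:errorstatus}\])?%{GREEDYDATA:message}" }
-     }
-     # The date filter was nested inside grok (missing closing brace), which is
-     # not a valid grok option. It now runs as its own filter after grok.
-     date {
-       # "[TIMESTAMP_ISO8601]" is a grok pattern name, not a date format. Try the
-       # built-in ISO8601 parser first, then the explicit layout the original
-       # config kept as a commented-out alternative.
-       match => [ "timestamp", "ISO8601", "YYYY-MM-dd HH:mm:ss.SSSSSS" ]
-     }
-   }
- }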
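- # Ship parsed events to the local Elasticsearch node and echo them to stdout.
- output {
-   # Debug aid: prints every full event, including client IPs and request
-   # lines, to the Logstash console/log. Remove once parsing is verified.
-   stdout { codec => rubydebug }
-   elasticsearch {
-     # No scheme is given, so this is presumably plain HTTP; the basic-auth
-     # credentials below are only protected while the node stays on loopback.
-     hosts => "localhost:9200"
-     user => "jobvector"
-     # The password was a plaintext literal in this file. It is now resolved at
-     # startup from the Logstash keystore or an environment variable; ES_PWD is
-     # a placeholder name and must be defined before Logstash starts. The value
-     # that was previously stored here has been published with this config and
-     # should be rotated.
-     password => "${ES_PWD}"
-   }
- }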