Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- input {
- beats {
- port => 5400
- ssl => true
- ssl_certificate_authorities => ["/etc/elk-certs/elk-ssl.crt"]
- ssl_certificate => "/etc/elk-certs/elk-ssl.crt"
- ssl_key => "/etc/elk-certs/elk-ssl.key"
- ssl_verify_mode => "force_peer"
- }
- }
- filter {
- grok {
- match => [ "message" , "%{COMBINEDAPACHELOG}+%{GREEDYDATA:extra_fields}"]
- overwrite => [ "message" ]
- }
- mutate {
- convert => ["response", "integer"]
- convert => ["bytes", "integer"]
- convert => ["responsetime", "float"]
- }
- geoip {
- source => "clientip"
- target => "geoip"
- add_tag => [ "nginx-geoip" ]
- }
- date {
- match => [ "timestamp" , "dd/MMM/YYYY:HH:mm:ss Z" ]
- remove_field => [ "timestamp" ]
- }
- useragent {
- source => "agent"
- }
- }
- output {
- elasticsearch {
- hosts => ["localhost:9200"]
- index => "weblogs-%{+YYYY.MM.dd}"
- document_type => "nginx_logs"
- }
- stdout { codec => rubydebug }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement