Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- input {
- beats {
- port => 5044
- host => "0.0.0.0"
- }
- }
- filter {
- grok {
- match => ["message",
- # 2018-04-26 12:30:36.466 INFO 41778 --- [nio-8080-exec-1] n.e.e.ELKController : /validrequest - Hello user! Today's date: Thu Apr 26 12:30:36 MSK 2018
- "(?<timestamp>%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}) [ ]{1,}%{LOGLEVEL:log_level} %{NUMBER:pid} --- \[(?<thread>[A-Za-z0-9-]+)\] [A-Za-z0-9.]*\.(?<class>[A-Za-z0-9#_]+)\s*:\s+(?<logmessage>.*)",
- "message",
- # 2018-04-26 12:30:36.466 INFO 41778 ---
- "(?<timestamp>%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}) %{LOGLEVEL:log_level} %{NUMBER:pid} --- .+? :\s+(?<logmessage>.*)"
- ]
- }
- date {
- match => [ "timestamp" , "yyyy-MM-dd HH:mm:ss.SSS" ]
- }
- }
- output {
- elasticsearch {
- hosts => "35.241.173.27:9200"
- index => "logstash-training"
- user => "elastic"
- password => "testr"
- }
- }
Add Comment
Please, Sign In to add comment
