1、配置 Logstash 收集 Nginx 访问日志
input {
file {
path => "/apps/nginx/logs/nginx.access_json.log"
start_position => "beginning"
stat_interval => "3"
type => "nginx-accesslog"
codec => json
}
file {
path => "/apps/nginx/logs/error.log"
start_position => "beginning"
stat_interval => "3"
type => "nginx-errorlog"
}
}
output {
if [type] == "nginx-accesslog" {
elasticsearch {
hosts => ["192.168.1.101:9200"]
index => "nginxaccesslog-1.108-%{+YYYY.MM.dd}"
}
}
if [type] == "nginx-errorlog" {
elasticsearch {
hosts => ["192.168.1.101:9200"]
index => "nginxerrorlog-1.108-%{+YYYY.MM.dd}"
}
}
}
2、基于 TCP/UDP 收集日志并输出至 Elasticsearch
input {
tcp {
port => "9527"
host => "192.168.1.108"
type => "tcplog" #可用于判断输出
codec => json #如果是json格式,必须加此行,如果不是Json格式,却添加此行也不会影响结果
mode => "server" #默认值,可省略
}
}
output {
if [type] == "tcplog" {
elasticsearch {
hosts => ["192.168.1.101:9200"]
index => "tcplog-1.108-%{+YYYY.MM.dd}"
}
}
}
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
