-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathlogstash.conf
More file actions
37 lines (37 loc) · 790 Bytes
/
logstash.conf
File metadata and controls
37 lines (37 loc) · 790 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
input {
beats {
port => 5044
}
}
filter {
json {
source => "message"
target => "parsed_json"
}
if [parsed_json][uid] {
mutate {
add_field => { "uid" => "%{[parsed_json][uid]}" }
}
}
mutate {
add_field => { "time" => "%{[parsed_json][time]}" }
add_field => { "level" => "%{[parsed_json][level]}" }
}
date { match => ["time", "yyyy-MM-dd'T'HH:mm:ss.SSSZ"] target => "@timestamp" }
mutate {
remove_field => [ "parsed_json","time" ]
}
}
output {
stdout { codec => rubydebug }
elasticsearch {
hosts => ["http://elasticsearch:9200"]
index => "easymonitor-%{[fields][log_type]}-%{+yyyy.MM.dd}"
}
if [level] == "error" {
http {
http_method => "post"
url => "http://ubuntu:16060/alert_log"
}
}
}