上传文件至 'MD_NEW'

This commit is contained in:
diandian 2024-06-03 17:08:08 +08:00
parent b1f7a5da92
commit add5f13190
1 changed files with 88 additions and 0 deletions

View File

@ -317,11 +317,99 @@ huanqiu
hahaha hahaha
``` ```
采集单个文件
```json
[root@logstash ~]# cat /opt/nginx_access_logstash.conf
input{
file {
path => "/var/log/nginx/access_json.log"
start_position => "beginning"
}
}
output{
elasticsearch {
hosts => ["10.9.12.86:9200"]
index => "nginx-access-json-%{+YYYY.MM.dd}"
}
}
```
采集多个文件
```json
[root@logstash ~]# cat /opt/files.conf
input {
file {
path => "/var/log/messages"
type => "system"
start_position => "beginning"
}
}
input {
file {
path => "/var/log/yum.log"
type => "safeware"
start_position => "beginning"
}
}
output {
if [type] == "system"{
elasticsearch {
hosts => ["10.9.12.86:9200"]
index => "system-%{+YYYY.MM.dd}"
}
}
if [type] == "safeware"{
elasticsearch {
hosts => ["10.9.12.86:9200"]
index => "safeware-%{+YYYY.MM.dd}"
}
}
}
```
#### 4.定义nginx的日志格式并采集
Nginx配置文件修改
```
log_format json '{"@timestamp":"$time_iso8601",'
'"@version":"1",'
'"client":"$remote_addr",'
'"url":"$uri",'
'"status":"$status",'
'"domain":"$host",'
'"host":"$server_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"referer": "$http_referer",'
'"ua": "$http_user_agent"'
'}';
access_log /var/log/nginx/access_json.log json;
```
定义采集配置文件
```json
input {
file {
path => "/var/log/nginx/access_json.log"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["192.168.122.118:9200"]
index => "nginx1-%{+YYYY.MM.dd}"
}
}
```
ES查看索引Kibana展示数据