Created
August 19, 2018 16:09
-
-
Save NayabSiddiqui/3a1a84f3ca65a5673ba4142adfa601d9 to your computer and use it in GitHub Desktop.
logstash configuration for logging based on spring cloud sleuth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
input { | |
file { | |
type => "java" | |
path => "D:/Workspace/Public/spring-microservies-monitoring/books-api.log" | |
codec => multiline { | |
pattern => "^%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}.*" | |
negate => "true" | |
what => "previous" | |
} | |
} | |
file { | |
type => "java" | |
path => "D:/Workspace/Public/spring-microservies-monitoring/countries-api.log" | |
codec => multiline { | |
pattern => "^%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}.*" | |
negate => "true" | |
what => "previous" | |
} | |
} | |
} | |
filter { | |
#If log line contains tab character followed by 'at' then we will tag that entry as stacktrace | |
if [message] =~ "\tat" { | |
grok { | |
match => ["message", "^(\tat)"] | |
add_tag => ["stacktrace"] | |
} | |
} | |
#Grokking Spring Boot's default log format | |
grok { | |
match => { | |
"message" => "%{TIMESTAMP_ISO8601:timestamp}\s+%{LOGLEVEL:severity}\s+\[%{DATA:service},%{DATA:trace},%{DATA:span},%{DATA:exportable}\]\s+%{DATA:pid}---\s+\[%{DATA:thread}\]\s+%{DATA:class}\s+:\s+%{GREEDYDATA:rest}" | |
} | |
} | |
} | |
output { | |
# Print each event to stdout, useful for debugging. Should be commented out in production. | |
# Enabling 'rubydebug' codec on the stdout output will make logstash | |
# pretty-print the entire event as something similar to a JSON representation. | |
stdout { | |
codec => rubydebug | |
} | |
# Sending properly parsed log events to elasticsearch | |
elasticsearch { | |
hosts => ["localhost:9200"] | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment