Skip to content

Instantly share code, notes, and snippets.

@andybeak

andybeak/index.php

Created November 12, 2019 09:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save andybeak/5ab3def0fb060e6d6b5045bda4de5571 to your computer and use it in GitHub Desktop.
Save andybeak/5ab3def0fb060e6d6b5045bda4de5571 to your computer and use it in GitHub Desktop.
Download ZIP
Blog article on monolog to ELK #blog
Raw
index.php
<?php
require('../vendor/autoload.php');
use Monolog\Logger;
use Monolog\Handler\SocketHandler;
// create a log channel
$log = new Logger('elk');
// "logstash" is a host defined by docker-compose
$handler = new SocketHandler('logstash:9001', Logger::DEBUG);
$log->pushHandler($handler);
Raw
logstash.conf
input {
tcp {
port => 9001
}
}
# See https://grokdebug.herokuapp.com/ and https://github.com/logstash-plugins/logstash-patterns-core/blob/master/patterns/grok-patterns
filter {
grok {
match => { "message" => "\[%{TIMESTAMP_ISO8601:timestamp}\] %{DATA:env}\.%{DATA:severity}: %{GREEDYDATA:message} (?<context>(\{.*?\})) \[\]" }
}
}
filter {
json {
source => "context"
}
}
output {
stdout {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment