bbannier/logstash.conf

## logstash.conf
filter {
  grok {
    match => { "message" => "^(?<loglevel>[F|E|I|W])%{MONTHNUM:month}%{MONTHDAY:monthday}\s+%{TIME:time}\s+%{POSINT:pid}\s+(?<file>\w*.\w*):%{POSINT:line}]\s+%{GREEDYDATA:msg}" }
  }
  mutate {
    add_field => {
      "timestamp" => "%{time} %{month} %{monthday} 2016"
    }
  }
  date {
    match => [ "timestamp", "HH:mm:ss.SSSSSS MM d yyyy" ]
    # locale => "en"
  }
}

input {
  stdin { type => "dump" }
  tcp {
    type => "dump"
    port => 3333
  }
}

output {
  # stdout { }
  elasticsearch {
    index => "marathon-1052"
  }
}
	filter {
	grok {
	match => { "message" => "^(?<loglevel>[F\|E\|I\|W])%{MONTHNUM:month}%{MONTHDAY:monthday}\s+%{TIME:time}\s+%{POSINT:pid}\s+(?<file>\w.\w):%{POSINT:line}]\s+%{GREEDYDATA:msg}" }
	}
	mutate {
	add_field => {
	"timestamp" => "%{time} %{month} %{monthday} 2016"
	}
	}
	date {
	match => [ "timestamp", "HH:mm:ss.SSSSSS MM d yyyy" ]
	# locale => "en"
	}
	}

	input {
	stdin { type => "dump" }
	tcp {
	type => "dump"
	port => 3333
	}
	}

	output {
	# stdout { }
	elasticsearch {
	index => "marathon-1052"
	}
	}