Last active
March 15, 2023 18:36
-
-
Save jiromm/b0951cfba00cd3dc3a7f857b1dd574d0 to your computer and use it in GitHub Desktop.
Logstash config file for laravel logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => "/var/www/laravel-project/storage/logs/laravel.log" | |
| codec => multiline { | |
| pattern => "^\[%{TIMESTAMP_ISO8601:timestamp}\]" | |
| what => "previous" | |
| negate => true | |
| } | |
| } | |
| } | |
| filter { | |
| grok { | |
| match => { | |
| "message" => "\[%{TIMESTAMP_ISO8601:timestamp}\] %{DATA:env}\.%{DATA:severity}: (?<log>[^{]+)?%{GREEDYDATA:raw-json}" | |
| } | |
| } | |
| json { | |
| source => "raw-json" | |
| target => "json" | |
| } | |
| mutate { | |
| rename => { "message" => "raw-message" } | |
| rename => { "json" => "raw-json" } | |
| } | |
| } | |
| output { | |
| elasticsearch { | |
| hosts => "127.0.0.1:9200" | |
| user => "user" | |
| password => "pass" | |
| index => "laravel-logs" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Nice thanks! This works fine for messages with texet ending with json like:
[2022-05-16 12:03:50] dev.INFO: Update successful for user {"idmember":"37774", "idcard":"320000H","name":"DAVID"}If you want to add text after the json your filter can be: