# Input stage: tail nginx log files from local disk.
input {
  file {
    # Recursive glob: every file under /var/log/nginx that is not excluded
    # below is read and treated as an access log, so keep unrelated files
    # out of this directory.
    path => ["/var/log/nginx/**"]

    # Skip compressed rotations and error logs. These patterns are matched
    # against the file name, not the full path.
    exclude => ["*.gz", "error.*"]

    # Re-expand the path glob every 10 seconds to pick up newly created files.
    discover_interval => 10

    # Label attached to each event; the filter stage selects on this value.
    type => "nginx_access"
  }
}
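# Filter stage: parse nginx access lines into fields and set the event time.
filter {
  if [type] == "nginx_access" {
    # Parse the raw line with the stock combined-log pattern. Lines that do
    # not match are tagged _grokparsefailure and keep only the raw "message",
    # so watch for that tag downstream: unparsed lines are invisible to any
    # field-based search or alert.
    grok {
      match => {
        "message" => "%{COMBINEDAPACHELOG}"
      }
    }

    date {
      # Try to pull the timestamp from the 'timestamp' field (parsed above with
      # grok). The apache time format looks like: "18/Aug/2011:05:44:34 -0700"
      #
      # The date filter documents `match` as an array: the field name first,
      # followed by one or more formats. The original hash form
      # ({ "timestamp" => "..." }) does not follow that layout, which would
      # leave events stamped with ingest time instead of request time and
      # skew any timeline built from these logs.
      match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
    }
  }
}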
# Output stage: echo events locally and ship them to a Redis list.
output {
  # Prints every event in full to the agent's stdout. Useful while testing;
  # in production this copies client IPs and request URIs into whatever
  # captures the process output.
  stdout {
    debug => true
  }

  # Push each event onto the Redis list "logstash" on the central host.
  # NOTE(review): no password is set here and nothing in this file shows the
  # link being encrypted. Access-log events carry client addresses, request
  # URIs and referrers, so the Redis instance should require auth (the redis
  # output has a `password` setting) and be reachable only from the shippers
  # and the indexer.
  redis {
    data_type => "list"
    key => "logstash"
    host => "YOUR_LOGSTASH_HOST"
  }
}