logstash
| # Logstash pipeline: two network listeners, a date filter for syslog events, | |
| # and output to stdout plus an Elasticsearch node on the same machine. | |
| input { | |
| # Syslog listener on 83.119.32.11:5514; events get type 'syslog'. | |
| # NOTE(review): no TLS or sender restriction is set in this block and the | |
| # bind address is not an RFC 1918 address, so any host that can reach the | |
| # port can submit events. Confirm a firewall limits the permitted senders. | |
| syslog { | |
| host => '83.119.32.11' | |
| port => 5514 | |
| type => 'syslog' | |
| } | |
| # TCP listener on port 3515 of the same address for JSON events, typed | |
| # 'eventlog'. Same exposure as the syslog listener: nothing here encrypts | |
| # or authenticates the connection. | |
| tcp { | |
| type => 'eventlog' | |
| port => 3515 | |
| host => '83.119.32.11' | |
| format => 'json' | |
| } | |
| } | |
| filter { | |
| # Only events whose type field is "syslog" go through the date filter. | |
| if [type] == "syslog" { | |
| # Parse the "timestamp" field as Europe/Amsterdam local time and write the | |
| # result to @timestamp; "tmatch" is added as a tag when the parse succeeds. | |
| # NOTE(review): syslog pads single-digit days with a second space | |
| # ("Jul  3"), so the first pattern is normally "MMM  d HH:mm:ss"; the | |
| # page rendering may have collapsed the double space. Verify. | |
| # NOTE(review): the sample event on this page has no tags and its | |
| # @timestamp equals the raw timestamp read as UTC, which suggests this | |
| # filter did not take effect for that event. Confirm before relying on | |
| # @timestamp for timeline correlation. | |
| date { | |
| match => [ "timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ] | |
| target => "@timestamp" | |
| timezone => 'Europe/Amsterdam' | |
| add_tag => [ "tmatch" ] | |
| } | |
| } | |
| } | |
| output { | |
| # Print every event in rubydebug form. Full event contents end up wherever | |
| # the Logstash stdout is captured. | |
| stdout { | |
| #debug => true | |
| codec => "rubydebug" | |
| } | |
| # Send events to Elasticsearch on the loopback address. | |
| elasticsearch { | |
| host => "127.0.0.1" | |
| } | |
| } |
| # Default template for file actions. The local logfile line shown on this | |
| # page carries an RFC 3339 timestamp with a +02:00 offset. | |
| $ActionFileDefaultTemplate RSYSLOG_ForwardFormat | |
| # Forward all facilities and severities over TCP (@@) to Logstash, port 5514. | |
| # NOTE(review): this is plain TCP without TLS, so log content crosses the | |
| # network unencrypted. | |
| # NOTE(review): the event Logstash received has "timestamp" => | |
| # "Jul 30 23:20:52" with no offset, so the forward action presumably does | |
| # not use the template set above. Confirm which template forwarding uses. | |
| *.* @@logstash-p01.example.org:5514 |
| { | |
| "message" => "[ warning] [guestinfo] Failed to get vmstats.", | |
| "@version" => "1", | |
| "@timestamp" => "2014-07-30T23:20:52.000Z", | |
| "host" => "1.2.3.4", | |
| "priority" => 12, | |
| "timestamp" => "Jul 30 23:20:52", | |
| "logsource" => "resolv-p02", | |
| "program" => "vmsvc", | |
| "pid" => "8362", | |
| "severity" => 4, | |
| "facility" => 1, | |
| "facility_label" => "user-level", | |
| "severity_label" => "Warning" | |
| } | |
| logfile | |
| 2014-07-30T23:21:52+02:00 resolv-p02 vmsvc[8362]: [ warning] [guestinfo] Failed to get vmstats. |