Created
September 23, 2015 06:14
-
-
Save radu-gheorghe/e32a2ef29bc7dcb4ec10 to your computer and use it in GitHub Desktop.
logstash json_lines issue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"message":"proxy-435.dialup.xtra.co.nz - - [22/Apr/2009:18:52:51 +1200] \"GET /images/photos/455.jpg HTTP/1.1\" 200 986 \"-\" \"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_4_11; en) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13\" \"-\"","@version":"1","@timestamp":"2015-04-16T17:35:24.585Z","host":"rgheorghe-suse.rgheorghe-local","path":"/opt/example.log.raw","clientip":"proxy-435.dialup.xtra.co.nz","ident":"-","auth":"-","timestamp":"22/Apr/2009:18:52:51 +1200","verb":"GET","request":"/images/photos/455.jpg","httpversion":"1.1","response":"200","bytes":"986","referrer":"\"-\"","agent":"\"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_4_11; en) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13\""} | |
| {"message":"proxy-435.dialup.xtra.co.nz - - [22/Apr/2009:18:52:51 +1200] \"GET /images/nav/tab_left_middle.gif HTTP/1.1\" 200 1020 \"-\" \"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_4_11; en) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13\" \"-\"","@version":"1","@timestamp":"2015-04-16T17:35:24.591Z","host":"rgheorghe-suse.rgheorghe-local","path":"/opt/example.log.raw","clientip":"proxy-435.dialup.xtra.co.nz","ident":"-","auth":"-","timestamp":"22/Apr/2009:18:52:51 +1200","verb":"GET","request":"/images/nav/tab_left_middle.gif","httpversion":"1.1","response":"200","bytes":"1020","referrer":"\"-\"","agent":"\"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_4_11; en) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13\""} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => "/opt/logs/example.log.parsed" | |
| start_position => "beginning" | |
| codec => "json_lines" | |
| } | |
| } | |
| output { | |
| elasticsearch { | |
| workers => 4 | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment