@surinkim
Last active February 11, 2017 04:41
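input {
  file {
    # Note: the file input expects absolute paths; replace this relative
    # glob with the absolute path of the log directory before running.
    path => "./logs/*.log"
    start_position => "beginning"
  }
}
filter {
  # Parse "<ISO8601 timestamp> [<LEVEL>] <contents>" and tag lines that match.
  grok {
    add_tag => ["valid"]
    match => { "message" => "%{TIMESTAMP_ISO8601:time} \[%{LOGLEVEL:level}\] %{GREEDYDATA:contents}" }
  }
  # Drop every line that did not match the expected format.
  if "valid" not in [tags] {
    drop {}
  }
  mutate {
    remove_tag => [ "valid" ]
  }
  # Use the timestamp from the log line as the event's @timestamp.
  date {
    match => ["time", "ISO8601"]
    remove_field => ["time"]
  }
  # Remove duplicate log lines: hash each message and use the hash as the
  # Elasticsearch document ID, so a repeated line overwrites the existing
  # document instead of creating a new one.
  fingerprint {
    # With a key set, SHA1 is computed as a keyed HMAC of the source field.
    method => "SHA1"
    key => "KEY"
    source => "message"
    # Set explicitly: with ECS compatibility enabled the default target is
    # [event][hash], and %{fingerprint} below would no longer resolve.
    target => "fingerprint"
  }
}
output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "log"
    document_id => "%{fingerprint}"
  }
  stdout { codec => rubydebug }
}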