Aaron Mildenstein untergeek
untergeek
/ elasticsearch-template.json
Created Aug 7, 2014
My current logstash/elasticsearch-index template
View elasticsearch-template.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "template" : "logstash-*", | |
| "settings" : { | |
| "number_of_shards" : 5, | |
| "index.refresh_interval" : "5s" | |
| }, | |
| "mappings" : { | |
| "_default_" : { | |
| "_all" : {"enabled" : true}, | |
| "dynamic_templates" : [ { |
View logstash.excerpt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [type] == "apache_json" { | |
| geoip { source => "clientip" } | |
| if [useragent] != "" { useragent { source => "useragent" } } | |
| if [auth] == "-" { mutate { remove_field => "auth" } } | |
| if [ident] == "-" { mutate { remove_field => "ident" } } | |
| if [referer] == "-" { mutate { remove_field => "referer" } } | |
| } |
View crontab
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 30 2 * * * ~/bin/curator.sh &> /dev/null |
View collectd-logstash.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| output { | |
| stdout { debug => true debug_format => "json"} | |
| if [type] == 'collectd' { | |
| elasticsearch { | |
| cluster => "elasticsearch" | |
| } | |
| } | |
| } |
View b.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { stdin {} } | |
| filter { | |
| grok { | |
| match => [ "message", "\[%{RUBY_LOGLEVEL:loglevel}\] %{TIMESTAMP_ISO8601:logdate} %{ISO8601_TIMEZONE:timezone} \[%{NOTSPACE:somefield}\] \[%{IP:ipaddress}\] %{GREEDYDATA:therest}" ] | |
| } | |
| mutate { | |
| gsub => [ "logdate", "\ ", "T" ] | |
| replace => { "logdate" => "%{logdate}%{timezone}" } | |
| } | |
| date { |
View logstash.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| stdin { | |
| type => "weblogic-server" | |
| } | |
| } | |
| filter { | |
| ### weblogic-server | |
| if [type] == "weblogic-server" { | |
| multiline { |
View a.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| buh@BigMini (06:12 PM) [~/GIT/curator/curator] $ curl -XPUT 'http://localhost:9200/logstash-20140710/' | |
| {"acknowledged":true} |
untergeek
/ command-line.help
Last active Aug 29, 2015
View command-line.help
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ python test.py --help | |
| usage: test.py [-h] [-v] [--host HOST] [--url_prefix URL_PREFIX] [--port PORT] | |
| [--ssl] [-t TIMEOUT] [-n] [-D] [--loglevel LOG_LEVEL] | |
| [-l LOG_FILE] | |
| {allocation,bloom,close,delete,optimize,show_indices,snapshot} | |
| ... | |
| Curator for Elasticsearch indices. See | |
| http://github.com/elasticsearch/curator/wiki |
View curator.log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./curator.py --host blackbox --timeout 3600 --repository CuratorTest --create-repo --location "/Volumes/Repositories/CuratorTest" --snap-older 2 | |
| 2014-05-21T19:16:29.800 INFO main:580 Job starting... | |
| 2014-05-21T19:16:29.800 INFO _new_conn:257 Starting new HTTP connection (1): blackbox | |
| 2014-05-21T19:16:29.806 INFO log_request_success:49 GET http://blackbox:9200/ [status:200 request:0.005s] | |
| 2014-05-21T19:16:29.806 INFO main:609 Creating repository CuratorTest... | |
| 2014-05-21T19:16:29.809 WARNING log_request_fail:68 GET /_snapshot/CuratorTest [status:404 request:0.003s] | |
| 2014-05-21T19:16:29.809 INFO log_request_fail:70 > None | |
| 2014-05-21T19:16:29.809 INFO _get_repository:376 Repository CuratorTest not found | |
| 2014-05-21T19:16:29.857 INFO log_request_success:49 PUT http://blackbox:9200/_snapshot/CuratorTest [status:200 request:0.047s] | |
| 2014-05-21T19:16:29.857 INFO _create_repository:393 R |
View kibana.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "title": "Collectd: Blackbox", | |
| "services": { | |
| "query": { | |
| "list": { | |
| "0": { | |
| "query": "plugin:\"load\"", | |
| "alias": "Load", | |
| "color": "#7EB26D", | |
| "id": 0, |