安装logstash5.4.1,并使用grok表达式收集nginx日志
# rpm -ql logstash | grep patterns # cd /usr/share/logstash/vendor/bundle/jruby/1.9/gems/logstash-patterns-core-4.1.0/patterns/# ll
-rw-rw-r-- 1 logstash logstash1831 May 30 00:41 aws
-rw-rw-r-- 1 logstash logstash4831 May 30 00:41 bacula
-rw-rw-r-- 1 logstash logstash 260 May 30 00:41 bind
-rw-rw-r-- 1 logstash logstash2154 May 30 00:41 bro
-rw-rw-r-- 1 logstash logstash 879 May 30 00:41 exim
-rw-rw-r-- 1 logstash logstash 10095 May 30 00:41 firewalls
-rw-rw-r-- 1 logstash logstash5335 May 30 00:41 grok-patterns
-rw-rw-r-- 1 logstash logstash3251 May 30 00:41 haproxy
-rw-rw-r-- 1 logstash logstash 980 May 30 00:41 httpd
-rw-rw-r-- 1 logstash logstash1265 May 30 00:41 java
-rw-rw-r-- 1 logstash logstash1087 May 30 00:41 junos
-rw-rw-r-- 1 logstash logstash1037 May 30 00:41 linux-syslog
-rw-rw-r-- 1 logstash logstash 74 May 30 00:41 maven
-rw-rw-r-- 1 logstash logstash 49 May 30 00:41 mcollective
-rw-rw-r-- 1 logstash logstash 190 May 30 00:41 mcollective-patterns
-rw-rw-r-- 1 logstash logstash 614 May 30 00:41 mongodb
-rw-rw-r-- 1 logstash logstash9597 May 30 00:41 nagios
-rw-r--r-- 1 logstash logstash 312 Jun 23 17:47 nginx
-rw-rw-r-- 1 logstash logstash 142 May 30 00:41 postgresql
-rw-rw-r-- 1 logstash logstash 845 May 30 00:41 rails
-rw-rw-r-- 1 logstash logstash 224 May 30 00:41 redis
-rw-rw-r-- 1 logstash logstash 188 May 30 00:41 ruby
-rw-rw-r-- 1 logstash logstash 404 May 30 00:41 squid
页:
[1]