使用Logstash收集Nginx日志
if == "nginx_access" {if [@nginx_fields] != "-" {
geoip {
source => "[@nginx_fields]"
target => "geoip"
database => "/data/app_platform/logstash/vendor/geoip/GeoLiteCity.dat"
add_field => [ "", "%{}" ]
add_field => [ "", "%{}"]
}
mutate {
convert => [ "", "float" ]
}
}
else if [@nginx_fields] != "-" {
geoip {
source => "[@nginx_fields]"
target => "geoip"
database => "/data/app_platform/logstash/vendor/geoip/GeoLiteCity.dat"
add_field => [ "", "%{}" ]
add_field => [ "", "%{}"]
}
mutate {
convert => [ "", "float" ]
}
}
页:
[1]