logstash收集Nginx日志,转换为JSON格式

Nginx日志处理为JSON格式,并放置在http区块:

复制代码
 1  log_format  json  '{"@timestamp":"$time_iso8601",'
 2                       '"@version":"1",'
 3                       '"client":"$remote_addr",'
 4                       '"url":"$uri",'
 5                       '"status":"$status",'
 6                       '"domain":"$host",'
 7                       '"host":"$server_addr",'
 8                       '"size":"$body_bytes_sent",'
 9                       '"responsentime":"$request_time",'
10                       '"referer":"$http_referer",'
11                       '"useragent":"$http_user_agent"'
12                        '}';
13 access_log  logs/access_json.log  json;
Nginx日志格式
复制代码

 

logstash配置文件:

复制代码
 1 input {
 2        file {
 3       path =>"/usr/local/nginx/logs/access_json.log"
 4       codec =>"json"
 5       start_position => "beginning"
 6 
 7         }
 8 }
 9 
10 filter{
11    json {
12                 source => "message"
13                 skip_on_invalid_json => true
14                 }
15 }
16 output{
17 
18 
19       elasticsearch {
20        hosts =>["172.16.3.160:9200"]
21        index => "logstash-zabbix-nginx-log-%{+YYYY.MM.dd}"
22 
23            }
24 }
logstash配置文件
复制代码

 

posted @   BigZero  阅读(4047)  评论(0编辑  收藏  举报
点击右上角即可分享
微信分享提示