logstash 采集springboot 错误日志配置

[elk@master001 config]$ cat logstash-log.conf 
# Sample Logstash configuration for creating a simple
# Beats -> Logstash -> Elasticsearch pipeline.

input {
  tcp {
    port => 5044
    codec => json_lines
  }
}


filter {

　　if [LOGLEVEL] == "DEBUG" {
　　　　drop {}
　　}
　　if [LOGLEVEL] == "INFO" {
　　　　drop {}
　　}
　　if [LOGLEVEL] == "WARN" {
　　　　drop {}
　　}

    ruby {
        code => "event.set('timestamp', event.get('@timestamp').time.localtime + 8*60*60)"
    }
    ruby {
        code => "event.set('@timestamp',event.get('timestamp'))"
    }
    mutate {
        remove_field => ["timestamp"]
    }
}


output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "%{[appName]}-%{+YYYY.MM.dd}"
    #user => "elastic"
    #password => "changeme"
  }

  stdout { codec => rubydebug }
}

posted on 2021-02-24 17:34 肖建锋阅读(457) 评论(0) 编辑收藏举报

刷新页面返回顶部