摘要:
elasticsearh 中每个节点中需要有相同的插件[2016-09-13 19:25:24,049][INFO ][discovery.zen ] [node02] failed to send join request to master [{node01}{QK57... 阅读全文
摘要:
-bash-4.1# cat /etc/haproxy/haproxy.cfgglobal log 127.0.0.1 local3 maxconn 65535 chroot /usr/local/haproxy uid 401 gid 401 daemondefaults log glo... 阅读全文
摘要:
[elk@zjtest7-frontend test]$ cat json.conf input { stdin { }}filter { json{ source =>"message" target =>"jsonconnect" }}output { stdout {... 阅读全文
摘要:
Grok 正则捕获:\s+(?\d+(?:\.\d+)?)\s+回顾下: (?:pattern) 匹 配 pattern 但不获取匹配结果,也就是说这是一个非获取匹配,不进行存储供以后使用。这在使用 “或” 字符 (|) 来组合一个模式的各个部分是很有用。例如, ‘industr(?:y|... 阅读全文
摘要:
时间处理(Date)之前章节已经提过,filters/date 插件可以用来转换你的日志记录中的时间字符串,变成 LogStash::Timestamp 对象,然后转存到 @timestamp 字段里output { if [type] == "zj_frontend_access... 阅读全文
摘要:
filter { grok { match => [ "message" , "\s*%{IPORHOST:clientip}\s+\-\s+\-\s+\[%{HTTPDATE:time}\]\s+\"%{WORD:verb}\s+(?(\S+))\?... 阅读全文
摘要:
"message" => " 10.168.255.134 [12/Sep/2016:16:30:40 +0800] \"GET /resources/plugins/artDialog/dialog-min.js?v=1&_=1473669040515 HTT... 阅读全文
摘要:
"@version" => "1", "@timestamp" => "2016-09-12T08:31:06.630Z", "path" => "/data01/applog_backup/winfae... 阅读全文
摘要:
1、request_time官网描述:request processing time in seconds with a milliseconds resolution; time elapsed between the first bytes were read from the client... 阅读全文
摘要:
"message" => " 10.252.142.174 [12/Sep/2016:16:43:47 +0800] \"GET /resources/js/toolbar.49fc367e.js?_v=${last.updated}&_=14736698254... 阅读全文