diff options
Diffstat (limited to 'etc/logstash_cambria_template.conf')
| -rw-r--r-- | etc/logstash_cambria_template.conf | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/etc/logstash_cambria_template.conf b/etc/logstash_cambria_template.conf new file mode 100644 index 0000000..2ddb7d5 --- /dev/null +++ b/etc/logstash_cambria_template.conf @@ -0,0 +1,36 @@ +input { + file { + path => "${CAMBRIA_SERVER_LOG}" + codec => multiline { + pattern => "^\[%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND}\]" + negate => "true" + what => "previous" + } + sincedb_path => "/opt/app/logstash/conf_stage/.sincedb_cambria" + start_position => "beginning" + type => "cambria" + } +} + +filter { + if [type] == "cambria" { + grok { + match => ["message", "\[(?<date>%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND})\]\[%{DATA:logLevel}\]\[%{DATA:thread}\]\[%{DATA:class}\]\[%{DATA:id}\]%{GREEDYDATA:message}"] + } + + date { + match => ["date", "YYYY-MMM-DD HH:mm:ss,SSS"] + } + } +} + +output { + if [type] == "cambria" { + elasticsearch { + cluster => "2020SA" + host => "${ELASTICSEARCH_NODES}" + index => "cambria-%{+YYYY.MM.dd}" + } + } +} + |