[elk@Vsftp logstash]$ cat t1.conf
input {
stdin {
}
}
filter {
geoip {
source =>"message"
add_field =>["[geoip][aa]","%{[geoip][location]}"]
}
}
output {
stdout {
codec =>rubydebug
}
}
[elk@Vsftp logstash]$ logstash -f t1.conf
Settings: Default pipeline workers: 4
Pipeline main started
202.101.172.35
{
"message" => "202.101.172.35",
"@version" => "1",
"@timestamp" => "2017-01-11T01:42:59.457Z",
"host" => "Vsftp",
"geoip" => {
"ip" => "202.101.172.35",
"country_code2" => "CN",
"country_code3" => "CHN",
"country_name" => "China",
"continent_code" => "AS",
"latitude" => 35.0,
"longitude" => 105.0,
"location" => [
[0] 105.0,
[1] 35.0
],
"aa" => "105.0,35.0"
}
}
[elk@Vsftp logstash]$ cat t1.conf
input {
stdin {
}
}
filter {
geoip {
source =>"message"
add_field =>["[scan][aa]","%{[geoip][location]}"]
}
}
output {
stdout {
codec =>rubydebug
}
}
[elk@Vsftp logstash]$
[elk@Vsftp logstash]$ logstash -f t1.conf
Settings: Default pipeline workers: 4
Pipeline main started
202.101.172.35
{
"message" => "202.101.172.35",
"@version" => "1",
"@timestamp" => "2017-01-11T01:45:14.001Z",
"host" => "Vsftp",
"geoip" => {
"ip" => "202.101.172.35",
"country_code2" => "CN",
"country_code3" => "CHN",
"country_name" => "China",
"continent_code" => "AS",
"latitude" => 35.0,
"longitude" => 105.0,
"location" => [
[0] 105.0,
[1] 35.0
]
},
"scan" => {
"aa" => "105.0,35.0"
}
}
[elk@Vsftp logstash]$ cat t1.conf
input {
stdin {
}
}
filter {
geoip {
source =>"message"
add_field =>["[scan][aa]","%{[geoip][location]}"]
}
}
output {
stdout {
codec =>rubydebug
}
}
[elk@Vsftp logstash]$ cat t1.conf ^C
[elk@Vsftp logstash]$ vim t1.conf
[elk@Vsftp logstash]$ cat t1.conf
input {
stdin {
}
}
filter {
geoip {
source =>"message"
add_field =>["[scan][aa]","%{[geoip][location][0]}"]
}
}
output {
stdout {
codec =>rubydebug
}
}
[elk@Vsftp logstash]$ logstash -f t1.conf
Settings: Default pipeline workers: 4
Pipeline main started
202.101.172.35
{
"message" => "202.101.172.35",
"@version" => "1",
"@timestamp" => "2017-01-11T01:48:40.316Z",
"host" => "Vsftp",
"geoip" => {
"ip" => "202.101.172.35",
"country_code2" => "CN",
"country_code3" => "CHN",
"country_name" => "China",
"continent_code" => "AS",
"latitude" => 35.0,
"longitude" => 105.0,
"location" => [
[0] 105.0,
[1] 35.0
]
},
"scan" => {
"aa" => 105.0
}
}
geoip
转载本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
上一篇:dubbo服务的运行方式(2)
下一篇:webxml attribute is required (or pre-existing WEB-INF/web.xml if executing in update mode)
提问和评论都可以,用心的回复会被更多人看到
评论
发布评论
相关文章
-
客户端灰度发布,NGINX+GeoIP2+GeoIP Database
由开发完成新功能的开发后需迭代智能PAD屏内部安卓系统APK版本时,之前的更新方式不再适用于现有这种高业务量的需求了。所以我们考虑了一个新的更新方案 "按地区更新";
nginx map geoip geoip2 location -
GeoIP2-python
o....
sqlite django perl python 数据库