<pre name="code" class="html">[elk@dr-mysql01 tomcat]$ cat logstash_tomcat.conf
input {
file {
type => "zj_api"
path => ["/data01/applog_backup/zjzc_log/zj-api*catalina*"]
}
file {
type => "wj_api"
path => ["/data01/applog_backup/winfae_log/wj-api*catalina*"]
}
}
filter {
multiline {
pattern => "^\s+%{TIMESTAMP_ISO8601}"
negate=>true
what=>"previous"
}
mutate {
add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]
add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]
}
}
filter {
grok {
match => [ "message","(?m)\s*%{TIMESTAMP_ISO8601:time}\s+(?<Level>(\S+)).*"]
}
date {
match => ["time", "yyyy-MM-dd HH:mm:ss,SSS"]
}
}
output {
if ([Level] == "ERROR" or [message] =~ "Exception" ) and [message] !~ "温金服务未连接" {
zabbix {
zabbix_host => "[@metadata][zabbix_host]"
zabbix_key => "[@metadata][zabbix_key]"
zabbix_server_host => "192.168.32.55"
zabbix_server_port => "10051"
zabbix_value => "message"
}
}
if [type] == "zj_api" {
redis {
host => "192.168.32.67"
data_type => "list"
key => "zj_api:redis"
port=>"6379"
password => "1234567"
}
}
else if [type] == "wj_api"{
redis {
host => "192.168.32.67"
data_type => "list"
key => "wj_api:redis"
port=>"6379"
password => "1234567"
}
}
}
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
