USAGE

@@ -0,0 +1,5 @@
+Usage:
+
+bin/logstash client    # Will watch /var/log/messages and push to amqp
+bin/logstash server    # Watch amqp messages; parse and send to another topic
+examples/test.rb       # Watch parsed messages on amqp, reacts to specific ones

logstash-agent.yaml

@@ -1,35 +0,0 @@
----
-watch:
-- /var/log/messages
-- /var/log/*.log
-- /b/logs/*
-
-logstash_dir: /c/logstash
-pattern_dir: /c/logstash/patterns
-elasticsearch_host: snack.home:9200
-
-log-types:
-  linux-syslog:
-    type: text
-    date:
-      key: date
-      format: %b %e %H:%M:%S
-    patterns:
-    - %{SYSLOGPAMSESSION}
-    - %{SYSLOGLINE}
-
-  httpd-access:
-    type: text
-    date:
-      key: timestamp
-      format: %d/%b/%Y:%H:%M:%S %Z
-    patterns:
-    - %{COMBINEDAPACHELOG}
-
-  haproxy:
-    type: text
-    date:
-      key: date
-      format: %b %e %H:%M:%S
-    patterns:
-    - %{HAPROXYHTTP}

logstashd.yaml

@@ -1,45 +0,0 @@
----
-logstash_dir: /c/logstash
-pattern_dir: /c/logstash/patterns
-elasticsearch_host: localhost;9200
-
-log-types:
-  linux-syslog:
-    type: text
-    date:
-      key: date
-      format: %b %e %H:%M:%S
-    patterns:
-    - %{SYSLOGPAMSESSION}
-    - %{SYSLOGLINE}
-
-  httpd-access:
-    type: text
-    date:
-      key: timestamp
-      format: %d/%b/%Y:%H:%M:%S %Z
-    patterns:
-    - %{COMBINEDAPACHELOG}
-
-  glu:
-    type: json
-    date:
-      key: timestamp
-      format: %Y-%m-%dT%H:%M:%S
-    display_format: "<%= entry['timestamp'] %> | <%= entry['level'] %> | <%= entry['context/sessionKey'] %> | <%= entry['sourceHostName'] %> | <%= entry['context/componentName'] %> | <%= entry['message'] %>"
-
-  netscreen:
-    type: text
-    date:
-      key: date
-      format: %b %e %H:%M:%S
-    patterns:
-    - %{NETSCREENSESSIONLOG}
-
-  haproxy:
-    type: text
-    date:
-      key: date
-      format: %b %e %H:%M:%S
-    patterns:
-    - %{HAPROXYHTTP}