Commit graph

1149 commits

Author SHA1 Message Date
Jordan Sissel
add9eb66cd remove ap 2010-11-11 07:38:10 +00:00
Jordan Sissel
dd93817f07 - remove 'ap' 2010-11-11 07:37:58 +00:00
Jordan Sissel
f440e22664 2010-11-11 07:37:48 +00:00
Jordan Sissel
1a2ca3fc28 - Add some nagios patterns 2010-11-11 07:37:07 +00:00
Jordan Sissel
7f38743da4 - Add grokdiscovery example 2010-11-09 10:22:40 +00:00
Jordan Sissel
65a115fee6 - Add support for iso8601 timestamps in syslog messages 2010-11-09 10:22:25 +00:00
Jordan Sissel
955773f4ff - make grokdiscovery work 2010-11-09 10:19:38 +00:00
Jordan Sissel
ca568c0437 - Add grokdiscovery 2010-11-09 10:11:28 +00:00
Jordan Sissel
37488a44fc - use DateTime.parse to ensure any ISO8601 format dates are in our common
format. This may not be necessary in the long run.
2010-11-09 09:58:28 +00:00
Jordan Sissel
5a8a350ef3 - Degrade-without-dying if we don't have awesome_print 2010-11-09 09:50:29 +00:00
Jordan Sissel
a579aea186 - Allow easy specification of ISO8601 format 2010-11-09 09:49:55 +00:00
Jordan Sissel
2953457843 - Add all patterns found 2010-11-09 09:27:57 +00:00
Pete Fritchman
ec2ae60d83 add support for streaming logs to elasticsearch via a "rabbitmq river".
we have to PUT a json config to the elasticsearch HTTP API to tell it
where to look, then we use our amqp output to send bulk-data style
index messages to elasticsearch. The ES side does bulk-queueing for us.
2010-11-01 01:46:20 +00:00
Pete Fritchman
b250a0218c move CGI include around to proper place 2010-11-01 01:40:29 +00:00
Pete Fritchman
84ef233bca - parse query string on output URLs for additional options
- amqp now properly supports "queue" type (and in general, works now)
- amqp supports durable queues (?durable=1)
- added amqp#receive_raw for publishing a string directly
2010-11-01 01:35:52 +00:00
Pete Fritchman
3014715d78 automatically include the right lib dir 2010-11-01 01:31:15 +00:00
Jordan Sissel
57f480adeb - Make TZ in DATESTAMP_OTHER optional
- Add more debugging to filters/grok to make it easier to see pattern compile problems.
- Add percentage progress to rate.sh (for tracking long imports on logstash)
- Add content-type to the webserver
- Update to web interface to use new @-prefixed notation (@message, etc)
2010-10-31 08:59:28 +00:00
Jordan Sissel
b3e67888a1 2010-10-31 08:52:41 +00:00
Jordan Sissel
8ef912a624 - Only push events to websockets when we have subscribers 2010-10-31 08:28:55 +00:00
Jordan Sissel
97d71ed130 - Add script to hackily check for progress on a long import. 2010-10-31 08:17:47 +00:00
Pete Fritchman
8462bd05fa introduce log types, in addition to tags 2010-10-31 06:01:46 +00:00
Pete Fritchman
7e80e89c39 show usage when we encounter option-related problems 2010-10-31 04:54:25 +00:00
Pete Fritchman
8d6419e191 s/throw/raise/ 2010-10-31 04:50:19 +00:00
Pete Fritchman
f7ad0a0a9a create base classes for inputs/outputs/filters 2010-10-31 04:46:12 +00:00
Jordan Sissel
2aba74e2f4 - metadata uses '@' prefix notation. (@timestamp, @source, etc) 2010-10-31 02:22:12 +00:00
Jordan Sissel
0de9b9d9c3 - redirect / => /search
- clean up sass deprecated warnings
- add note about clicking on results
2010-10-29 16:18:49 +00:00
Jordan Sissel
4b9d940341 - Escape results 2010-10-29 16:17:28 +00:00
Jordan Sissel
73714d66d6 - Add javascript I forgot earlier. 2010-10-28 19:48:24 +00:00
Jordan Sissel
d2f8cadc50 - add Logger support 2010-10-28 19:05:14 +00:00
Jordan Sissel
2ac9f69c55 - Update to work with latest code 2010-10-28 11:00:27 +00:00
Jordan Sissel
2053ceabcb - revert :port addition 2010-10-28 10:59:08 +00:00
Jordan Sissel
b8358e6004 - Add '_' to valid characters in URI paths and query parameters 2010-10-28 10:49:44 +00:00
Jordan Sissel
fb72212e36 - Improve logging. If the logger level == Logger::DEBUG, then we'll log the
caller file, line number, and method. Example:

  With 'logger.level == Logger::DEBUG'
  I, [2010-10-28T03:38:23.984737 #25011]  INFO -- logtest.rb:9#foo: Hello
     ^ includes source file, line, and method. Source file gets trimmed
     if it's in $: (RUBYLIB path)
                                                  
  With 'logger.level != Logger::DEBUG'
  I, [2010-10-28T03:37:42.235899 #24998]  INFO -- logtest.rb: Hello
                                                     ^ progname, aka $0
2010-10-28 10:39:13 +00:00
Jordan Sissel
b711b9d870 - Log when we skip something 2010-10-28 09:23:28 +00:00
Jordan Sissel
953fadeb80 - Import from grok svn r3079 (all pattern tests passing) 2010-10-28 09:20:07 +00:00
Jordan Sissel
4a89da7c1c - Refine LogStash::Event to have less Hash feel.
- Add logging to filter/grok
- Make LogStash::Logger::Formatter only use awesome_inspect for non-strings
2010-10-28 08:29:34 +00:00
Jordan Sissel
8cb4676420 - Start using our own logger
- Add LogStash::Time::to_iso8601 to convert DateTime objects to iso8601 format.
- Add a 'date' filter for using a specific field into the real timestamp for
  the event. Example
    filters:
    - date:
        linux-syslog:
          date: %b %e %H:%M:%S
        apache-access:
          timestamp: "%d/%b/%Y:%H:%M:%S %Z"
  Syntax is:
    <tag>:
       <field>: <format>
  Supported format is 'strftime'
2010-10-28 06:28:32 +00:00
Jordan Sissel
bd65c610b4 - fix logic for setting debug level
- start working on our own Logger subclass so we can log objects if necessary
2010-10-27 09:03:33 +00:00
Jordan Sissel
62af366598 - remove unused 2010-10-27 02:50:35 +00:00
Jordan Sissel
7e9bedea32 - add logging 2010-10-27 02:50:22 +00:00
Jordan Sissel
64c072be20 - Add logging 2010-10-27 02:47:07 +00:00
Jordan Sissel
7821dd483b - update install notes 2010-10-27 02:46:53 +00:00
Pete Fritchman
b9592108b2 mark bin/logstash as executable 2010-10-26 09:40:37 +00:00
Jordan Sissel
7d1fb812b7 - Add standalone 2010-10-26 09:32:29 +00:00
Jordan Sissel
0b44e65eaf - should merge arrays, not append 2010-10-26 09:22:47 +00:00
Jordan Sissel
85d90ba6c4 - move grok parsed fields into a separate 'fields' piece 2010-10-26 09:02:59 +00:00
Jordan Sissel
7096ab9ebd - Use ajax calls to update search
- Make search interactive
2010-10-26 06:41:49 +00:00
Jordan Sissel
8fd6ca9422 - Start using haml. 2010-10-25 09:53:11 +00:00
Jordan Sissel
49af98b731 - Pad time fraction so it's sortable.
- Use strings, not symbols since symbols aren't valid in json (and become
  strings anyway)
2010-10-25 09:52:35 +00:00
Jordan Sissel
983ded0aff - Start working on a new web interface. Previous one was merb, new one is
async_sinatra. Initially supporting only ElasticSearch as a backend, will
  add more eventually.

  Example:
    % curl http://localhost:9292/search?q=helloworld

    {"received_timestamp"=>"2010-10-24 09:59:05.969670Z", "tags"=>["linux-syslog"], "message"=>"...", "source"=>"file://snack.home/var/log/user.log"}
    <p>

    {"received_timestamp"=>"2010-10-24 09:59:05.973771Z", "tags"=>["linux-syslog"], "message"=>"...", "source"=>"file://snack.home/var/log/messages"}
    <p>
2010-10-24 10:00:42 +00:00