mirror of
https://github.com/elastic/logstash.git
synced 2025-04-24 22:57:16 -04:00
4f8e75f5fb
Seems like debug => true is not supported anymore? I am getting "Unknown setting 'debug' for stdout {:level=>:error}" when I run it.. with "codec => rubydebug" it looks ok :)
Fixes #2510
33 lines
858 B
Text
33 lines
858 B
Text
input {
|
|
tcp {
|
|
type => "apache"
|
|
port => 3333
|
|
}
|
|
}
|
|
|
|
filter {
|
|
if [type] == "apache" {
|
|
grok {
|
|
# See the following URL for a complete list of named patterns
|
|
# logstash/grok ships with by default:
|
|
# https://github.com/logstash/logstash/tree/master/patterns
|
|
#
|
|
# The grok filter will use the below pattern and on successful match use
|
|
# any captured values as new fields in the event.
|
|
match => { "message" => "%{COMBINEDAPACHELOG}" }
|
|
}
|
|
|
|
date {
|
|
# Try to pull the timestamp from the 'timestamp' field (parsed above with
|
|
# grok). The apache time format looks like: "18/Aug/2011:05:44:34 -0700"
|
|
match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
|
|
}
|
|
}
|
|
}
|
|
|
|
output {
|
|
# Use stdout in debug mode again to see what logstash makes of the event.
|
|
stdout {
|
|
codec => rubydebug
|
|
}
|
|
}
|