# Input stage: accept events over TCP and label them as Apache access logs.
input {
  tcp {
    # Events from this input get type "apache"; the grok and date filters
    # below are scoped to the same type.
    type => "apache"
    # Port used by the tcp input (it listens as a server by default).
    # Nothing in this block adds encryption or sender authentication, so any
    # host that can reach the port can submit lines that are then parsed and
    # stored as Apache log events.
    # NOTE(review): limit who can reach this port (firewall rule, or the tcp
    # input's `host` setting to bind a single interface) - confirm against
    # the deployment.
    port => 3333
  }
}
# Filter stage: parse Apache combined-format lines into fields, then set the
# event time from the parsed timestamp. The date filter reads a field that
# grok creates, so the two filters must stay in this order.
filter {
  grok {
    # Only events of type "apache" are parsed by this filter.
    type => "apache"
    # See the following URL for a complete list of named patterns
    # logstash/grok ships with by default:
    # https://github.com/logstash/logstash/tree/master/patterns
    #
    # The grok filter will use the below pattern and on successful match use
    # any captured values as new fields in the event.
    #
    # NOTE(review): several of the captured values (request line, referrer,
    # user agent) are chosen by the HTTP client. grok extracts them; it does
    # not sanitize them, so treat those fields as untrusted wherever they are
    # later displayed or handed to other tools.
    pattern => "%{COMBINEDAPACHELOG}"
  }

  date {
    # Only events of type "apache" are handled by this filter.
    type => "apache"
    # Try to pull the timestamp from the 'timestamp' field (parsed above with
    # grok). The apache time format looks like: "18/Aug/2011:05:44:34 -0700"
    #
    # NOTE(review): this config does not show what happens when 'timestamp'
    # is missing or does not match the format - presumably the event keeps
    # the time logstash received it; verify, because event time is what
    # later timeline reconstruction relies on.
    match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}
# Output stage: index every event into Elasticsearch.
output {
  elasticsearch {
    # Setting 'embedded' will run a real elasticsearch server inside logstash.
    # This option below saves you from having to run a separate process just
    # for ElasticSearch, so you can get started quicker!
    #
    # NOTE(review): this is a getting-started convenience. This file sets no
    # bind address or access control for the embedded server - confirm which
    # interfaces and ports it listens on, and who can reach them, before
    # running this anywhere other than a test host.
    embedded => true
  }
}