Sha256: ac81359e2843589caa1494e136dbf933cb0a5f8d1925def955952752a626b8a0

Contents?: true

Size: 1001 Bytes

Versions: 1

Compression:

Stored size: 1001 Bytes

Contents

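input {
  # Accept log lines over TCP on port 3333 and tag each event with
  # type "apache" so the filter section below applies to it.
  tcp {
    type => "apache"
    port => 3333
  }
}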

filter {
  if [type] == "apache" {
    grok {
      # See the following URL for a complete list of named patterns
      # logstash/grok ships with by default:
      # https://github.com/logstash/logstash/tree/master/patterns
      #
      # The grok filter will use the below pattern and on successful match use
      # any captured values as new fields in the event.
      match => { "message" => "%{COMBINEDAPACHELOG}" }
    }

    date {
      # Try to pull the timestamp from the 'timestamp' field (parsed above with
      # grok). The apache time format looks like: "18/Aug/2011:05:44:34 -0700"
      match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
    }
  }
}

output {
  elasticsearch {
    # Setting 'embedded' will run a real elasticsearch server inside logstash.
    # This option below saves you from having to run a separate process just
    # for ElasticSearch, so you can get started quicker!
    embedded => true
  }
}

Version data entries

1 entry across 1 version & 1 rubygem

Version Path
logstash-lib-1.3.2 docs/tutorials/10-minute-walkthrough/apache-elasticsearch.conf