Add Logstash config to filter example Nginx logs
Signed-off-by: Jing Li <thyrlian@gmail.com>
This commit is contained in:
Jing Li
parent
20e68aa966
commit
c02d92a01c
|
|
@ -52,3 +52,7 @@ Stop and remove the containers
|
|||
```
|
||||
$ docker-compose down
|
||||
```
|
||||
|
||||
## Attribution
|
||||
|
||||
The [example Nginx logs](https://github.com/docker/awesome-compose/tree/master/elasticsearch-logstash-kibana/logstash/nginx.log) are copied from [here](https://github.com/elastic/examples/blob/master/Common%20Data%20Formats/nginx_json_logs/nginx_json_logs).
|
||||
|
|
|
|||
|
|
@ -23,6 +23,9 @@ services:
|
|||
environment:
|
||||
discovery.seed_hosts: logstash
|
||||
LS_JAVA_OPTS: "-Xms512m -Xmx512m"
|
||||
volumes:
|
||||
- ./logstash/pipeline/logstash-nginx.config:/usr/share/logstash/pipeline/logstash-nginx.config
|
||||
- ./logstash/nginx.log:/home/nginx.log
|
||||
ports:
|
||||
- "5000:5000/tcp"
|
||||
- "5000:5000/udp"
|
||||
|
|
@ -32,6 +35,7 @@ services:
|
|||
- elasticsearch
|
||||
networks:
|
||||
- elastic
|
||||
command: logstash -f /usr/share/logstash/pipeline/logstash-nginx.config
|
||||
kibana:
|
||||
image: kibana:7.8.0
|
||||
container_name: kib
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -0,0 +1,30 @@
|
|||
input {
|
||||
file {
|
||||
path => "/home/nginx.log"
|
||||
start_position => "beginning"
|
||||
sincedb_path => "/dev/null"
|
||||
}
|
||||
}
|
||||
|
||||
filter {
|
||||
json {
|
||||
source => "message"
|
||||
}
|
||||
geoip {
|
||||
source => "remote_ip"
|
||||
}
|
||||
useragent {
|
||||
source => "agent"
|
||||
target => "useragent"
|
||||
}
|
||||
}
|
||||
|
||||
output {
|
||||
elasticsearch {
|
||||
hosts => ["http://es:9200"]
|
||||
index => "nginx"
|
||||
}
|
||||
stdout {
|
||||
codec => rubydebug
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue