KevinMidboe/playbooks-retailor
1
0
Fork 0
mirror of https://github.com/KevinMidboe/playbooks-retailor.git synced 2026-02-15 13:59:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1fbeaed4574024f176acb6e8a311e6836fde6e0e
playbooks-retailor/roles/elasticsearch/templates/logstash-conf.d/nginx_pipeline.conf.j2

46 lines
1020 B
Django/Jinja
Raw Blame History

input {
beats {
port => 5044
}
}
filter {
grok {
match => [ "message" , "%{COMBINEDAPACHELOG}+%{GREEDYDATA:extra_fields}"]
overwrite => [ "message" ]
}
mutate {
rename => { "extra_fields" => "real_ip" }
gsub => [ "real_ip", "\"", "" ] # remove qoutes
gsub => [ "real_ip", " ", "" ] # remove whitespace
# fix
convert => ["http.response.status_code", "integer"]
convert => ["http.response.body.bytes", "integer"]
convert => ["responsetime", "float"]
remove_field => ["host.containerized"]
}
geoip {
source => "real_ip"
target => "geoip"
fields => ["city_name", "region_name", "country_name", "region_iso_code", "country_code2", "location"]
}
date {
match => [ "timestamp" , "dd/MMM/YYYY:HH:mm:ss Z" ]
remove_field => [ "timestamp" ]
}
}
output {
elasticsearch {
index => "weblogs-%{+YYYY.MM}"
hosts => "${ELASTIC_HOSTS}"
user => "elastic"
password => "${ELASTIC_PASSWORD}"
document_type => "nginx_logs"
}
}
Reference in New Issue View Git Blame Copy Permalink