1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| input {
| # 来源beats
| beats {
| # 端口
| port => "5044"
| }
| }
| # 分析、过滤插件,可以多个
| filter {
| grok {
| match => { "message" => "%{COMBINEDAPACHELOG}"}
| }
| geoip {
| source => "clientip"
| }
| }
| output {
| # 选择elasticsearch
| elasticsearch {
| hosts => ["http://es-master:9200"]
| index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
| }
| }
|
|
