2015/07/17

ELK Note (ElasticSearch-Logstash-Kibana)

 

 

logstash filter grok

https://www.elastic.co/guide/en/logstash/current/plugins-filters-grok.html

logstash filter date

https://www.elastic.co/guide/en/logstash/current/plugins-filters-date.html

logstash filter translate

https://www.elastic.co/guide/en/logstash/current/plugins-filters-translate.html

lostash filter mutate

https://www.elastic.co/guide/en/logstash/current/plugins-filters-mutate.html

 

logstash debug config

.\logstash.bat -f dddd.conf

input {
    stdin{}
}

filter {
    grok {
      match => { "message" => "(\s(?<stock_id>[0-9]{5}))" }
    }
    date {
        locale => "en"
        match => ["message", "YYYY-MM-dd;HH:mm:ss.SSS"]
        timezone => "Europe/Vienna"
        target => "@timestamp"
        add_field => { "debug" => "timestampMatched"}
   }
}

output {
    stdout {
            codec => "rubydebug"
    }
}

http://blog.mmlac.com/how-to-pre-process-logs-with-logstash/

 

 

logstash timestamp issue fix

http://stackoverflow.com/questions/25156517/logstash-date-parsing-as-timestamp-using-the-date-filter

 

logstash IISLOG

Logstash config for IIS logs

http://dotnetanalysis.blogspot.tw/2014/11/logstash-config-for-iis-logs.html

URL

http://engineering.laterooms.com/enriching-logs-with-logstash/

.net+LogParser like logstash

TimberWinR 

 

 

 

Regular Expression Test

http://grokconstructor.appspot.com/do/match#result

 

HowTo install ELK on Windows Server IIS

https://blog.basefarm.com/blog/how-to-install-logstash-on-windows-server-2012-with-kibana-in-iis/

沒有留言: