-
Windows环境下的ELK——logstash日志(2)
一、Apche日志文件输出
文件结构
1.test.conf
注意这里无论是window还是liunx系统都必须是反斜杠
test.conf与bin文件在同级目录通过CMD进入bin文件夹
执行命令logstash.bat -f test.confinput{ file { #文件的绝对地址 path => "F:/ELK/ELK8.2.3/logstash-8.2.3/apache.log" #设置从头开始读取 start_position => "beginning" #每隔三秒自动更新日志 stat_interval=>3 } } //设置输出格式 output{ stdout{codec => rubydebug} }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
2.apache.log
83.149.9.216 - - [17/May/2015:10:05:03 +0000] "GET /presentations/logstash-monitorama-2013/images/kibana-search.png HTTP/1.1" 200 203023 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:43 +0000] "GET /presentations/logstash-monitorama-2013/images/kibana-dashboard3.png HTTP/1.1" 200 171717 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:47 +0000] "GET /presentations/logstash-monitorama-2013/plugin/highlight/highlight.js HTTP/1.1" 200 26185 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:12 +0000] "GET /presentations/logstash-monitorama-2013/plugin/zoom-js/zoom.js HTTP/1.1" 200 7697 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:07 +0000] "GET /presentations/logstash-monitorama-2013/plugin/notes/notes.js HTTP/1.1" 200 2892 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:34 +0000] "GET /presentations/logstash-monitorama-2013/images/sad-medic.png HTTP/1.1" 200 430406 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36" 83.149.9.216 - - [17/May/2015:10:05:57 +0000] "GET /presentations/logstash-monitorama-2013/css/fonts/Roboto-Bold.ttf HTTP/1.1" 200 38720 "http://semicomplete.com/presentations/logstash-monitorama-2013/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36"- 1
- 2
- 3
- 4
- 5
- 6
- 7
二、运行结果
运行完需要删除
F:\ELK\ELK8.2.3\logstash-8.2.3\data\plugins\inputs\file
里以.sin开头的文件,这里面记录file的状态,不删,再次运行就没有输出了 -
相关阅读:
基于JAVA后台的微信垃圾分类小程序系统 开题报告
河南资信评价资质申报日期一览
Jmeter基础入门教程【23】--常用功能详解:断言持续时间
彩票-股票-外汇-加密货币-概率游戏交易思维训练1
高性能云原生数据对象存储MinIO实战-上
基于Xml方式Bean的配置-初始化方法和销毁方法
bootstrap练习
OpenCV DNN模块常用操作
uni-app进行表单效验
详细说说机器学习在交通领域的应用
- 原文地址:https://blog.csdn.net/wsnbbdbbdbbdbb/article/details/125432793