Tag: logstash configuration

安装docker撰写logstash插件

我试图parsingCSV文件中的date字段，并使用logstash将其转换为所需的date格式，但是当我尝试使用docker运行logtstash时，我不断收到错误 Problems loading a plugin with {:type=>"filter", :name=>"date_formatter", 我的logstashfilterconfiguration如下 date { match => ["start_date", "MM/dd/yy"] target => "start_date" } date_formatter { source => "start_date" pattern => "YYYY-MM-dd" } 我试图创buildDockerfile与docker撰写和添加插件那里它仍然无法正常工作 Dockerfile FROM docker.elastic.co/logstash/logstash-oss:5.6.3 RUN logstash-plugin install logstash-filter-date_formatter Docker撰写 version: '2' services: # Service : logstash logstash-5-6: image: docker.elastic.co/logstash/logstash:5.6.3 container_name: logstash-5-6

如何configurationLogstash来parsingAWS ELB日志？

我想从Logstash中parsing设置在dockerised ELK堆栈中的AWS ELB日志[存储在S3存储桶中]。 我克隆了这个回购。 这是它的文档。 我添加了这样的logstashconfiguration文件[并注释掉所有其他]： # AWS ELB configuration file ADD ./aws_elb_logs.conf /etc/logstash/conf.d/aws_elb_logs.conf configuration文件如下： input { s3 { # Logging_user AWS creds access_key_id => "fjnsdfjnsdjfnjsdn" secret_access_key => "asdfsdfsdfsdfsdfsdfsdfsd" bucket => "elb-access-logs" region => "us-west-2" # keep track of the last processed file sincedb_path => "./last-s3-file" codec => "json" type => "elb" } } filter […]

Docker Compose – Logstash – 启动后用代码0退出

我试图用Docker Compose使用Logstash，.yml文件看起来像这样： user-service: image: images/user-service ports: – "2222:2222" links: – logstash logstash: image: images/logstash command: logstash -e 'input{} output{}' ports: – "5045:5045" logstash开始和结束，如控制台显示： logstash_1 | Sending Logstash's logs to /var/log/logstash which is now configured via log4j2.properties logstash_1 | 01:51:30.164 [[main]-pipeline-manager] INFO logstash.pipeline – Starting pipeline {"id"=>"main", "pipeline.workers"=>2, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>250} logstash_1 | 01:51:30.246 [[main]-pipeline-manager] INFO […]