Categories
- FFMpeg (5)
- Libav (1)
- Google (3)
- iBeacon (1)
- LDAP (3)
- Me (2)
- Network (11)
- OS (149)
- RTMP (4)
- SIP (1)
- Kamailio (1)
- SNMP (1)
- VMware (20)
- VCP考試 (1)
- 伺服器 網站服務 (105)
- 名詞解釋 (4)
- 專案管理 (1)
- 工具軟體 (50)
- Adobe (1)
- FMS (1)
- Cloudera (1)
- Docker (1)
- Eclipse (4)
- Intellij (2)
- OBS (2)
- Office (10)
- Excel (4)
- PowerPoint (5)
- Postman (1)
- Splunk (13)
- Virtualbox (2)
- Visual Studio (2)
- 文字編輯器 (10)
- Sublime Text 2 (6)
- Sublime Text 3 (3)
- Vim (3)
- 連線工具 (1)
- Xshell (1)
- Adobe (1)
- 程式語言 (79)
- CSS (2)
- HTML (2)
- iOS (1)
- Java (30)
- JavaScript (5)
- jQuery (4)
- jsTree (2)
- JSP (3)
- PHP (16)
- Python (7)
- Ruby (1)
- sed (1)
- Shell Script (8)
- Windows Bash Script (1)
- XML (1)
- 資料庫 (37)
- FFMpeg (5)
Category Archives: Logstash
[Logstash] Pattern set in grok.
The original warning message is this.
|
1 2 |
"You are using a deprecated config setting "pattern" set in grok. Deprecated settings will continue to work, but are scheduled for removal from logstash in the future. You should use this instead: match => { "message" => "your pattern here" } If you have any questions about this, please visit the #logstash channel on freenode irc."" |
And here is the original server config.
|
1 2 3 4 5 6 7 8 |
if [type] == "nginx-access" { grok { type => "nginx-access" pattern => "%{NGINXACCESS}" patterns_dir => ["/opt/logstash/patterns"] } } |
So what we should do is modify the config. Using the match function to replace the pattern, like this.
|
1 2 3 4 5 6 7 8 |
if [type] == "nginx-access" { grok { patterns_dir => "/opt/logstash/patterns" type => "nginx-access" match => ["message", "%{NGINXACCESS}"] } } |
Posted in Logstash
Leave a comment
[Logstash] LoadError: no such file to load — i18n
In CentOS 5.5, I want to install the logstash agent to forward logs. Because it was older system and no one would upgrade it, the original java version is 1.6. I always got the error about “LoadError: no such file … Continue reading
Posted in Logstash
Leave a comment
Logstash + Redis + Nginx + Kibana + ElasticSearch
環境: Ubuntu 14.04 x64 server 安裝Java環境
|
1 |
sudo apt-get install openjdk-7-jdk |
下載Logstash壓縮檔
|
1 2 3 |
cd /tmp curl -O https://download.elasticsearch.org/logstash/logstash/logstash-1.4.0.tar.gz tar zxvf logstash-1.4.0.tar.gz -C /opt/logstash |
基本測試
|
1 2 3 |
cd /opt/logstash bin/logstash -e 'input { stdin { } } output { stdout {} } # 試著打幾個字看看 |
安裝Elasticsearch
|
1 2 3 |
cd /tmp wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.1.1.deb sudo dpkg -i elasticsearch-1.1.1.deb |
設定Elasticsearch 編輯/etc/elasticsearch/elasticsearch.yml 取消cluster.name、node.name的注解並改成自己想要的 重新啟動Elasticsearch
|
1 |
sudo service elastic search restart |
安裝Redis
|
1 |
sudo apt-get install redis-server |
設定Redis 編輯/etc/redis/redis.conf,使用
|
1 2 3 |
bind 0.0.0.0 取代 bind 127.0.0.1 |
重新啟動Redis
|
1 |
sudo service redis-server restart |
下載Kibana
|
1 2 3 4 |
cd /tmp wget https://download.elasticsearch.org/kibana/kibana/kibana-3.0.0.tar.gz mkdir -p /var/www/kibana tar xvfz kibana-3.0.0.tar.gz -C /var/www/kibana |
編輯Kibana設定檔 編輯/var/www/kubana/config.js,使用
|
1 2 3 |
elasticsearch: "http://本機IP:9200" 取代 elasticsearch: "http://"+window.location.hostname+":9200" |
設定Logstash Server設定檔 編輯/etc/logstash/server.conf
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
input { redis { host => "本機IP" type => "redis" data_type => "list" key => "logstash" } } output { stdout { } elasticsearch { cluster => "elasticsearch" } } |
測試Logstash能否以Server啟動
|
1 |
/opt/logstash/bin/logstash --verbose -f /etc/logstash/server.conf |
安裝Nginx
|
1 |
sudo apt-get install nginx |
設定Nginx 編輯/etc/nginx/sites-enabled/default,使用 … Continue reading
Posted in Elasticsearch, Kibana, Logstash, Redis
Leave a comment