logstash + apache
Working logstash 1.2.1 configuration for apache 2.2 and /var/log/apache2/other_vhosts_access.log files.
Run with:
$ java -jar logstash-1.2.1-flatjar.jar agent -f apache.conf -- web
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | input { file { path => "/var/log/apache2/*access.log" type => "apache-access" } } filter { if [type] == "apache-access" { grok { match => [ "message", "%{URIHOST:fullhost} %{COMBINEDAPACHELOG}"] } } } output { stdout { codec => rubydebug #debug => true } elasticsearch { embedded => true } } |
