http://hhjeong.tistory.com/109
설정파일 : logstash-apache.config
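# Read the Apache access log shipped with the Bitnami ELK stack.
input {
  file {
    # The file input treats `path` as a glob pattern, where a backslash is an
    # escape character rather than a separator. Windows paths therefore need
    # forward slashes, or the file is never picked up.
    path => "C:/Bitnami/elk-6.2.3-0/apache2/logs/access.log"
    # Only applies to files with no recorded sincedb position: on first sight
    # the file is read from the top instead of tailed from the end.
    start_position => "beginning"
  }
}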
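# Classify each event by the file it came from and parse Apache access lines.
filter {
  if [path] =~ "access" {
    mutate { replace => { type => "apache_access" } }
    grok {
      # Try the combined format first: it is the only one that captures the
      # referrer and the "agent" field that the useragent filter reads below.
      # COMMONAPACHELOG stays as the fallback for logs written in common format.
      # Lines matching neither pattern are still indexed, tagged
      # _grokparsefailure; review those rather than dropping them, since
      # malformed request lines are often the ones worth a look.
      match => { "message" => [ "%{COMBINEDAPACHELOG}", "%{COMMONAPACHELOG}" ] }
    }
    date {
      # Use the request time from the log line as @timestamp, not the time
      # Logstash read the line.
      match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
      # Month abbreviations in Apache logs are English regardless of the host locale.
      locale => "en"
    }
    # The User-Agent header is client-controlled text; only parse it when grok
    # actually extracted it (common-format lines carry no agent field).
    if [agent] {
      useragent {
        source => "agent"
        target => "useragent"
      }
    }
  } else if [path] =~ "error" {
    mutate { replace => { type => "apache_error" } }
  } else {
    mutate { replace => { type => "random_logs" } }
  }
}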
# Ship parsed events to the local Elasticsearch node and echo them to the console.
output {
  elasticsearch {
    # Loopback only, with no credentials or TLS configured in this block.
    # If the cluster is ever reached over a network, set the plugin's
    # user/password and ssl/cacert options instead of sending events in the clear.
    hosts => [ "127.0.0.1:9200" ]
  }

  # Debug aid: prints every event in full. Access-log events include client
  # addresses and request URLs, so anything capturing this console output
  # holds the same data as the index.
  stdout {
    codec => rubydebug
  }
}
출처: http://hhjeong.tistory.com/109 [후니의 개발일지]