See if we can mount it

db17a8d3 · Alcides Viamontes E · db17a8d3 · db17a8d3
Commit db17a8d3 authored May 19, 2018 by Alcides Viamontes E
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 0 deletions

README.md README.md +2 -0

pipeline/uploaded_log_messages.conf pipeline/uploaded_log_messages.conf +31 -0

No files found.
--- a/README.md
+++ b/README.md
+
+Mount inside logstash, at /usr/share/logstash/pipeline/
--- a/pipeline/uploaded_log_messages.conf
+++ b/pipeline/uploaded_log_messages.conf
+input { beats { 
+  port => 5044
+  } 
+}
+filter {
+  date {
+    match => [
+      "when",  "yyyy-MM-ddD HH:mm:ss"
+    ]
+  }
+
+  grok {
+    match => {
+      "message" => "Uploaded %{NUMBER:uploaded_msg_count:integer} messages"
+      }
+  }
+
+  # grok {
+  #  match => {
+  #    # Level: INFO, Time: 2018-05-15 08:36:42,211, Message: Uploaded 1000 messages
+  #    "message" => "Level\: %{LOGLEVEL:log-level}, Time\: %{DATESTAMP:datestamp}[,0-9]* Message: .*"
+  #    }
+  # }
+
+}
+output {
+  elasticsearch { 
+    "hosts" => ["elasticsearch:9200"]
+    "template" => "/etc/es_default_mapping_template.json"
+    }
+}