logstash解析tomcat的catalina.out日志字段

时间：2019-12-04 20:28:54 阅读：313 评论：0 收藏：0 [点我收藏+]

标签：inf efi att exce put catalina logstash ali out

filter {
    mutate {
        remove_field => ["@version","prospector","input","beat","source","offset"]
    }
    grok {
        match => {
            "message" => "%{TIMESTAMP_ISO8601:access_time} %{LOGLEVEL:loglevel} \[%{DATA:exception_info}\] - \<%{MESSAGE:message}\>"
        }
        pattern_definitions => {
            "MESSAGE" => "[\s\S]*"
        }
    }
    date {
        match => [ "access_time","yyyy-MM-dd HH:mm:ss,SSS" ]
    }
    mutate {
        remove_field => ["access_time","[message][0]"]
    }
}

标签：inf efi att exce put catalina logstash ali out

原文地址：https://www.cnblogs.com/sanduzxcvbnm/p/11984821.html

踩

(0)

评论一句话评论（0）