88 lines
1.7 KiB
YAML
88 lines
1.7 KiB
YAML
name: xxxx
|
|
logging.level: warning
|
|
setup.ilm.enabled: false
|
|
setup.template.name: "filebeat-xxxx"
|
|
setup.template.pattern: "filebeat-xxxx-*"
|
|
setup.template.overwrite: true
|
|
setup.template.append_fields:
|
|
- name: java.line_num
|
|
type: long
|
|
- name: log.content
|
|
type: text
|
|
- name: nginx.client
|
|
type: ip
|
|
- name: nginx.response.body_size
|
|
type: long
|
|
- name: mysql.querytime
|
|
type: long
|
|
- name: mysql.sql
|
|
type: text
|
|
|
|
filebeat.inputs:
|
|
- type: log
|
|
enabled: true
|
|
paths:
|
|
- /path/to/mysql/log/error.log
|
|
include_lines: "[[Error]]"
|
|
fields:
|
|
log.app: mysql-error
|
|
fields_under_root: true
|
|
- type: log
|
|
enabled: true
|
|
paths:
|
|
- /path/to/mysql/log/slow.log
|
|
multiline.pattern: "^# Time"
|
|
multiline.negate: true
|
|
multiline.match: after
|
|
fields:
|
|
log.app: mysql-slow
|
|
fields_under_root: true
|
|
|
|
processors:
|
|
- include_fields:
|
|
fields:
|
|
- log.app
|
|
- log.file.path
|
|
- agent.hostname
|
|
- agent.name
|
|
- message
|
|
- if:
|
|
equals:
|
|
log.app: mysql-error
|
|
then:
|
|
- dissect:
|
|
tokenizer: '%{_logtime}+08:00 %{log.content}'
|
|
target_prefix: ""
|
|
overwrite_keys: true
|
|
else:
|
|
- dissect:
|
|
tokenizer: '# Time: %{_logtime}+08:00%{}# User@Host: %{mysql.user} @ %{mysql.host} Id: %{}# Query_time: %{mysql.querytime} %{mysql.sql}'
|
|
target_prefix: ""
|
|
overwrite_keys: true
|
|
- timestamp:
|
|
field: _logtime
|
|
timezone: Asia/Shanghai
|
|
layouts:
|
|
- 2021-07-15T13:36:57.776566
|
|
- drop_fields:
|
|
when:
|
|
has_fields:
|
|
- _logtime
|
|
fields:
|
|
- _logtime
|
|
- message
|
|
|
|
output.elasticsearch:
|
|
enabled: true
|
|
hosts:
|
|
- http://x.x.x.x:9200
|
|
index: "filebeat-xxxx-%{+yyyy.MM.dd}"
|
|
username: "filebeat"
|
|
password: "Filebeat_P@sswo2d"
|
|
|
|
output.console:
|
|
enabled: false
|
|
codec.json:
|
|
pretty: true
|
|
|