49 lines
1.3 KiB
JSON
49 lines
1.3 KiB
JSON
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/java -d '
|
|
{
|
|
"description" : "java",
|
|
"processors" : [
|
|
{
|
|
"grok" : {
|
|
"field" : "message",
|
|
"patterns" : [
|
|
"^%{JAVA_TIME:java.log.time}-\\[%{DATA:java.process}\\]-%{WORD:java.log.level}\\[%{DATA:java.thead}\\]%{WORD:java.class}\\.%{WORD:java.function}\\((?:%{NUMBER:java.line_num}|\\?)\\) \\| %{CONTENT:java.log.content}"
|
|
],
|
|
"pattern_definitions" : {
|
|
"JAVA_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]",
|
|
"CONTENT" : "(.*\n?)*"
|
|
},
|
|
"ignore_missing" : true,
|
|
"ignore_failure" : true
|
|
}
|
|
},
|
|
{
|
|
"rename" : {
|
|
"field" : "@timestamp",
|
|
"target_field" : "read_timestamp"
|
|
}
|
|
},
|
|
{
|
|
"date" : {
|
|
"formats" : [
|
|
"YYYY-MM-dd H:m:s"
|
|
],
|
|
"timezone" : "Asia/Shanghai",
|
|
"field" : "java.log.time",
|
|
"target_field" : "@timestamp",
|
|
"ignore_failure" : true
|
|
}
|
|
},
|
|
{
|
|
"remove" : {
|
|
"field" : "java.log.time",
|
|
"ignore_failure" : true
|
|
}
|
|
},
|
|
{
|
|
"remove" : {
|
|
"field" : "message"
|
|
}
|
|
}
|
|
]
|
|
}'
|