Hello prawns! logstash: 100.97.73.229-- [19 Feb 2019:17:43:11 + 0800] "GET news-spread_index-138.html HTTP 1.1 " 7920 "- " Mozilla 5.0 (Linux; Android 8.1; MI 6X Build OPM1.171019.011; wv) AppleWebKit 537.36 (KHTML, like Gecko) Version 4.0...
Recently, I want to implement the permission control of Kibana, because X-Pack and Shield are charged. Is there any implementation of a custom plug-in? My main purpose is to implement the permission control of Kibana dashboard, otherwise anyone can edit a...
Problem description: there is a requirement to get the accessed domain name IP from the log and to match the type and Chinese name of the website in the filter. The type and Chinese name of the website are stored in a database file, just like a dic...
GET production-index-info index_info _search { "query": { "bool": { "minimum_should_match": 0, "must": [ { "term": { "is_resolved.keyword": "...
Paste the document first: { "total": 5, "online": [ { "sid": "1101006", "total": 0 }, { "sid": "1101001", ...
I installed the elasticsearch-6.4.3 version. I modified the mapping,properties of es to include the following fields es: ask for advice, thank you! ...
Hello, everyone. I have been building an elk environment recently, but I have encountered a problem. My logstash agent output log is as follows: { "level" => "WARN", "uuid" => "109933", ...
An ELK beginner sets up log collection and encounters doubts when presenting the data. My logstash has set up two pipelines, rabbitmq and two http input: input { rabbitmq { host => "rabbitmq" subscription_retry_interval_se...
All the materials seen so far are filebeat.inputs: . Only under it can the include_lines attribute be used to filter log content. Such as filebeat.inputs: - type: log ... include_lines: [ ^ERR , ^WARN ] but now I don't open filebeat.inputs...
The configuration file is as follows: -filebeat- type: log enabled: true paths: var log nginx userapi.access.log json.message_key: true json.keys_under_root: true json.overwrite_keys: true tail_files: true fields...
There is a string like x09x09x09Version in the nginx log, which caused logstash to report an error when collecting Filter. Has anyone ever encountered the same problem and solved it? nginx log content: {"http_host": "xxxx", &quo...
Excuse me, a 4-core 8G machine with logstash, deployed on it can probably support several log input nodes of filebeat. If there is no message queue as buffer, do you have any experience in this field? Similarly, how many logstash nodes can a 4-core ...
Now there is a scenario where there are 50 fields under field A, and these fields are of the same type as the parser. You don't want to specify them one by one manually. You want to set the template. But I'm afraid that setting a template will affect all field...
Use slf4j to type log the visit record of the website into the text, and want to count the log data according to the difference. Is there any good plan for mysql, to write about? Do I really have to write complex shell scripts, count them according to d...
The architecture is simple: filebeat collects nginx logs and outputs to logstash; logstash formats and then outputs to elasticsearch. There is nothing to say about the configuration of filebeat but to send the access.log of nginx directly to logstash ...