关闭

logstash nginx 访问日志

690人阅读 评论(0) 收藏 举报
分类:
   log_format  main  '$remote_addr [$time_local] "$request" '
                      '$request_body $status $body_bytes_sent "$http_referer" "$http_user_agent" '
                      '$request_time $http_x_forwarded_for';
					  
	filter {
    grok {
        match => {
             "message" => "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)"
        }
    }   
}
{
                 "message" => " 10.168.102.19 [30/Aug/2016:14:53:05 +0800] \"GET /resources/plugins/artDialog/dialog-min.js?v=1&_=1472539986766 HTTP/1.1\" - 200 9946 \"https://wenjinbao.winfae.com/login.html\" \"Mozilla/5.0 (Linux; Android 5.1; HUAWEI RIO-UL00 Build/HUAWEIRIO-UL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/37.0.0.0 Mobile MQQBrowser/6.2 TBS/036558 Safari/537.36 MicroMessenger/6.3.23.840 NetType/WIFI Language/zh_CN\" 0.001 60.181.22.131",
                "@version" => "1",
              "@timestamp" => "2016-08-30T06:53:27.972Z",
                    "path" => "/data01/applog_backup/winfae_log/wj-frontend01-access.2016-08-30",
                    "host" => "dr-mysql01.zjcap.com",
                    "type" => "wj_frontend_access",
                "clientip" => "10.168.102.19",
                    "time" => "30/Aug/2016:14:53:05 +0800",
                    "verb" => "GET",
                 "request" => "/resources/plugins/artDialog/dialog-min.js?v=1&_=1472539986766",
             "httpversion" => "1.1",
        "http_status_code" => "200",
                   "bytes" => "9946",
            "http_referer" => "https://wenjinbao.winfae.com/login.html",
         "http_user_agent" => "Mozilla/5.0 (Linux; Android 5.1; HUAWEI RIO-UL00 Build/HUAWEIRIO-UL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/37.0.0.0 Mobile MQQBrowser/6.2 TBS/036558 Safari/537.36 MicroMessenger/6.3.23.840 NetType/WIFI Language/zh_CN",
            "request_time" => "0.001",
    "http_x_forwarded_for" => "60.181.22.131"
}				  

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:1388731次
    • 积分:41632
    • 等级:
    • 排名:第92名
    • 原创:2896篇
    • 转载:14篇
    • 译文:0篇
    • 评论:54条
    文章分类
    最新评论