关闭

logstash 处理nginx 错误日志

1093人阅读 评论(0) 收藏 举报
分类:
2016/08/30 14:52:02 [error] 11325#0: *346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory), client: 10.171.246.184, server: localhost, request: "GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1", host: "www.zjcap.cn", referrer: "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"


(?<timestamp>%{YEAR}[./-]%{MONTHNUM}[./-]%{MONTHDAY}[- ]%{TIME}) \[%{LOGLEVEL:severity}\] %{POSINT:pid}#%{NUMBER}: %{GREEDYDATA:errormessage}(?:, client: (?<remote_addr>%{IP}|%{HOSTNAME}))(?:, server: %{IPORHOST:server}?)(?:, request: %{QS:request})?(?:, upstream: (?<upstream>\"%{URI}\"|%{QS}))?(?:, host: %{QS:request_host})?(?:, referrer: \"%{URI:referrer}\")?

{
  "timestamp": [
    "2016/08/30 14:52:02"
  ],
  "severity": [
    "error"
  ],
  "pid": [
    "11325"
  ],
  "errormessage": [
    "*346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory)"
  ],
  "remote_addr": [
    "10.171.246.184"
  ],
  "server": [
    "localhost"
  ],
  "request": [
    ""GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1""
  ],
  "upstream": [
    null
  ],
  "port": [
    null,
    null
  ],
  "request_host": [
    ""www.zjcap.cn""
  ],
  "referrer": [
    "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"
  ]
}

1
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:1314078次
    • 积分:40481
    • 等级:
    • 排名:第96名
    • 原创:2865篇
    • 转载:14篇
    • 译文:0篇
    • 评论:51条
    文章分类
    最新评论