elk 监控报警

使用logstash output 模块 mail{}.判断message关键字.

output {


    if "ERROR" in [message] {
        email {
            to => "xxxx@xxxx"
            from => "xxxx@xxxx"
            address => "smtp.xxxx"
            username => "xxxx@xxxx"
            password => "xxxx"
            subject => "bxx"
            body => "bxx logs"
            htmlbody => "%{message}"
        }
    }
    if "hehehe" in [message] {
        email {
            to => "xxxx@xxxx.com"
            from => "xxxx"
            address => "smtp.xxxx"
            username => "xxxx@xxx"
            password => "xxxx"
            subject => "bxxx"
            body => "bxxxx hehehehe"
            htmlbody => "%{message}"
        }

    }

    elasticsearch {
        hosts => ["192.168.12.54:9200"]
        index => "%{[fields][type]}111-%{+YYYY.MM.dd}"
user => elastic
password => xxxx
    } 
}
发布了73 篇原创文章 · 获赞 11 · 访问量 82万+
展开阅读全文

没有更多推荐了,返回首页

©️2019 CSDN 皮肤主题: 编程工作室 设计师: CSDN官方博客

分享到微信朋友圈

×

扫一扫,手机浏览