Logstash type来标记事件类型,通过type判断

/*************** 根据type判断
input {
        file {
                type => "zj_frontend_access"
                path => ["/data01/applog_backup/zjzc_log/zj-frontend0*access*"]
        }
    
       file { 
                type => "wj_frontend_access" 
                path => ["/data01/applog_backup/winfae_log/wj-frontend0*access*"] 
        } 

 
}
filter {
    grok {
        match => {
            "message" => "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?

<http_referer>\S+)\" \"(?<http_user_agent>\S+)\" \"(?<http_x_forwarded_for>\S+)\""
        }
    }   
}



output {
     if [type] == "zj_frontend_access" { 
        redis {
                host => "192.168.32.67