logstash--使用ngxlog收集windows日志
2021-05-15 12:49
标签:other files available 配置文件 plain ring windows日志 json pos 收集流程 1nxlog => 2logstash => 3elasticsearch 1. nxlog 使用模块 im_file 收集日志文件,开启位置记录功能 2. nxlog 使用模块tcp输出日志 3. logstash 使用input-tcp ,收集日志,并格式化,输出至es windows上面的nxlog配置文件 nxlog.conf logstash的启动配置文件 logstash.conf logstash--使用ngxlog收集windows日志 标签:other files available 配置文件 plain ring windows日志 json pos 原文地址:https://www.cnblogs.com/a-du/p/8243770.html
## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally and is also available
## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html
## Please set the ROOT to the folder your nxlog was installed into,
## otherwise it will not start.
#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log
#
# Module im_msvistalog
# For windows 2003 and earlier use the following:
# Module im_mseventlog
#
Module im_file
File
"C:\\test\\\*.log"
SavePos TRUE
# Include JSON and raw formats
# Exec $Message = to_json() + " " + $raw_event;
/Input
>
Module om_tcp
Host 10.8.210.29
Port 514
/Output
>
Path testfile => out
/Route
>
input {
tcp {
port => 514
}
}
filter {
json {
source
=>
"message"
}
}
output{
elasticsearch {
host =>
"127.0.0.1"
port =>
"9200"
protocol =>
"http"
}
}
下一篇:java中的锁——列队同步器
文章标题:logstash--使用ngxlog收集windows日志
文章链接:http://soscw.com/essay/85765.html