[rsyslog-notify] Forum Thread: Re: Rsyslog Rulebase for apache access log and logstash-access - (Mode 'edit_last_post')

noreply at adiscon.com noreply at adiscon.com
Mon Nov 30 15:31:40 CET 2015


User: Butler 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26207#p26207

Message: 
----------
[quote="pankaj17"]I'm referring to
http://linux-help.org/wiki/logging/advanced-rsyslog for Apache log
centralization and feeding data to elasticsearch: 
But data is not getting inserted into elasticsearch: 
[/quote]

Hello
Did you find the solution? I tried your configuration; RSyslog actually sends
this message to Elastic:

[code]{
"@timestamp":"2015-11-27T15:49:59+01:00",
"message":"192.168.101.62 - - [27/Nov/2015:15:49:58 +0100] \"GET /mac/customer/ticket/tickets-data-loaded.do?clientTime=1448635799539&lastCallTime=1448635789486&_=1448635799540 HTTP/1.1\" 200 2184 \"http://xxxxxx/mac/customer/home.do\" \"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0\" ",
"host":"193.56.56.56",
"@source_host":"rp4",
"tag":"apache-access",
"vhost":"",
"bytes":"",
"clientip":"",
"method":"",
"request":"",
"pversion":"",
"referrer":"",
"useragent":"",
"status":""
}[/code]
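
In the document above every parsed field is empty while `message` still holds the complete access-log line. The following is an added example, not part of the original post and not the rulebase from the linked wiki: a Python check that re-parses `message` and lists the fields that are empty although the raw line contains them. It assumes the line is in Apache "combined" format; the regular expression and the shortened sample document are constructed for illustration.

```python
import json
import re

# Assumption: Apache "combined" LogFormat
#   host ident user [time] "request" status bytes "referer" "agent"
# Group names reuse the field names seen in the posted document.
COMBINED = re.compile(
    r'(?P<clientip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<request>\S+) HTTP/(?P<pversion>[\d.]+)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referrer>[^"]*)" "(?P<useragent>[^"]*)"'
)

# Constructed sample: same shape as the posted document, values shortened.
SAMPLE_DOC = json.dumps({
    "@timestamp": "2015-11-27T15:49:59+01:00",
    "message": '192.168.101.62 - - [27/Nov/2015:15:49:58 +0100] '
               '"GET /mac/customer/home.do?x=1 HTTP/1.1" 200 2184 '
               '"http://example.invalid/mac/" "Mozilla/5.0 (X11) Firefox/39.0" ',
    "tag": "apache-access",
    "vhost": "", "bytes": "", "clientip": "", "method": "", "request": "",
    "pversion": "", "referrer": "", "useragent": "", "status": "",
})


def unparsed_fields(doc_json):
    """Return {field: value found in the raw line} for every field that is
    empty in the document although `message` contains it.
    Returns None when `message` is not a combined-format line at all."""
    doc = json.loads(doc_json)
    match = COMBINED.match(doc.get("message", ""))
    if match is None:
        return None
    return {name: value for name, value in match.groupdict().items()
            if doc.get(name, "") == ""}


if __name__ == "__main__":
    missing = unparsed_fields(SAMPLE_DOC)
    if missing is None:
        print("message is not in combined format")
    else:
        for name, value in sorted(missing.items()):
            print(f"{name!r} is empty but the raw line has {value!r}")
```

A non-empty result means the line reached Elasticsearch unparsed, so the place to look is the normalization step on the rsyslog side rather than the Elasticsearch output.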

