dxin/Work-configuration-file
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更改

Browse Source
This commit is contained in:
dxin
2025-10-16 18:06:07 +08:00
parent 82a4aa0e14
commit 22fdb86b41
18 changed files with 416 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
filebast/sit/filebeat.yml
View File

@@ -1,7 +1,7 @@
setup.template.name: "lessie-sit"
setup.template.pattern: "lessie-sit*"
setup.template.enabled: true
setup.ilm.enabled: true
setup.template.name: "sit-flymoonlog"
setup.template.pattern: "sit-flymoonlog*"
@@ -19,33 +19,42 @@ processors:
- dissect:
when:
equals:
log_type: sys-info
tokenizer: '%{timestamp} [%{thread}] %{log_level} %{class_name} - [%{method},%{line}] - %{message}'
log_type: admin.log
tokenizer: '%{timestamp} [%{thread}] %{log_level} %{log_message}'
field: "message"
target_prefix: "parsed_sys_info"
# - include_fields:
# fields: ["@timestamp", "log_type", "message", "application", "host.ip", "host.name", "log.file.path", "parsed_sys_info.timestamp", "parsed_sys_info.log_level", "parsed_sys_info.message", "parsed_sys_info.method", "parsed_sys_info.thread", "_id", "_index" ]
ignore_missing: true
overwrite_keys: false
- dissect:
when:
equals:
log_type: sys-error
tokenizer: '%{timestamp} [%{thread}] %{log_level} %{logger} - [%{method},%{line}] - %{message}'
log_type: email.log
tokenizer: '%{timestamp} [%{thread}] %{level} %{class} - [%{method_line}] - %{message}'
field: "message"
target_prefix: "parsed_sys_error"
# - include_fields:
# fields: ["@timestamp", "log_type", "message", "application", "host.ip", "host.name", "log.file.path", "parsed_sys_info.timestamp", "parsed_sys_info.log_level", "parsed_sys_info.message", "parsed_sys_info.method", "parsed_sys_info.thread", "_id", "_index", "parsed_sys_info.logger" ]
target_prefix: "mylog"
ignore_missing: true
overwrite_keys: true
- dissect:
when:
equals:
log_type: sys-user
tokenizer: '%{timestamp} [%{thread}] %{log_level} %{module} - [%{method},%{line}] - %{message}'
log_type: agent.log
tokenizer: '%{timestamp} %{level} - [%{method},%{line}] - %{message}'
field: "message"
target_prefix: "parsed_sys_user"
# - include_fields:
# fields: ["@timestamp", "log_type", "message", "application", "host.ip", "host.name", "log.file.path", "parsed_sys_info.timestamp", "parsed_sys_info.log_level", "parsed_sys_info.message", "parsed_sys_info.method", "parsed_sys_info.thread", "_id", "_index", "parsed_sys_info.module" ]
target_prefix: "mylog"
ignore_missing: true
overwrite_keys: true
- dissect:
when:
equals:
log_type: payment.log
tokenizer: '%{timestamp} [%{thread}] %{level} %{class} - [%{method},%{line}] - %{message}'
field: "message"
target_prefix: "mylog"
ignore_missing: true
overwrite_keys: true
#输出
@@ -53,7 +62,7 @@ output.elasticsearch:
hosts: ["http://192.168.60.21:9200"]
username: "admin"
password: "123456"
index: "sit-flymoonlog-%{[environment]}-%{[application]}-%{+yyyy.MM}" # 按分割索引
index: "%{[environment]}-%{[application]}-%{+yyyy.MM.dd}" # 按分割索引
bulk_max_size: 50 # 单批次传输最大文档数
worker: 1 # 并行工作线程数
timeout: 15s