+
This commit is contained in:
dxin
@@ -37,6 +37,7 @@ processors:
|
||||
ignore_missing: true
|
||||
overwrite_keys: true
|
||||
|
||||
|
||||
- dissect:
|
||||
when:
|
||||
equals:
|
||||
@@ -47,6 +48,7 @@ processors:
|
||||
ignore_missing: true
|
||||
overwrite_keys: true
|
||||
|
||||
|
||||
- dissect:
|
||||
when:
|
||||
equals:
|
||||
@@ -60,12 +62,12 @@ processors:
|
||||
|
||||
#输出
|
||||
output.elasticsearch:
|
||||
hosts: ["http://192.168.60.21:9200"]
|
||||
hosts: ["http://192.168.70.16:9200"]
|
||||
username: "admin"
|
||||
password: "123456"
|
||||
index: "%{[environment]}-%{[application]}-%{+yyyy.MM.dd}" # 按天分割索引
|
||||
bulk_max_size: 50 # 单批次传输最大文档数
|
||||
worker: 1 # 并行工作线程数
|
||||
worker: 1 # 并行工作线程数
|
||||
timeout: 15s
|
||||
|
||||
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
- type: log
|
||||
id: sit_flymoon-payment
|
||||
id: sit_lymoon-payment
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-payment/sys-info.log
|
||||
- /root/logs/flymoon-payment/app.log
|
||||
fields:
|
||||
application: flymoon-payment
|
||||
log_type: payment.log
|
||||
environment: sit
|
||||
instance: sit-server
|
||||
instance: sit
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}'
|
||||
multiline.negate: true
|
||||
@@ -18,4 +18,3 @@
|
||||
close_inactive: 5m # 文件超过5分钟无更新则关闭
|
||||
close_renamed: true # 处理被重命名的文件
|
||||
start_position: beginning # 从文件的开头读取
|
||||
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
id: sit_flymoon-admin
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-admin/sys-info.log
|
||||
- /root/logs/flymoon-admin/app.log
|
||||
fields:
|
||||
application: flymoon-admin # 自定义字段,标识应用名称
|
||||
log_type: admin.log # 自定义字段,标识日志类型
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit-server # 自定义字段,标识机器名称
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit # 自定义字段,标识机器名称
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对info的日志格式
|
||||
multiline.negate: true
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
id: sit_flymoon-agent
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-agent/sys-info.log
|
||||
- /root/logs/flymoon-agent/app.log
|
||||
fields:
|
||||
application: flymoon-agent # 自定义字段,标识应用名称
|
||||
log_type: agent.log # 自定义字段,标识日志类型
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit-server # 自定义字段,标识机器名称
|
||||
instance: sit # 自定义字段,标识机器名称
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对email的sys-info.log的日志格式多行
|
||||
multiline.negate: true
|
||||
@@ -17,7 +17,4 @@
|
||||
clean_inactive: 25h # 清除超过一天未更新的文件
|
||||
close_inactive: 5m # 文件超过5分钟无更新则关闭
|
||||
close_renamed: true # 处理被重命名的文件
|
||||
start_position: beginning # 从文件的开头读取
|
||||
|
||||
|
||||
|
||||
start_position: beginning # 从文件的开头读取
|
||||
Reference in New Issue
Block a user