一 : 客户端 logstash.conf 配置文件
- input {
- file {path =>"/usr/local/nginx/logs/access.log"type = >"nginxlog"start_position = >"beginning"#sincedb_path = >"/home/logstash/sincdb.nginxlog"
- }
- }
- filter {
- if [type] == "nginxlog" {
- grok {
- match = >["message", "%{COMMONAPACHELOG}"]
- }
- date {
- match = >["timestamp", "dd/MMM/yyyy:HH:mm:ss Z"]
- }
- }
- }
- output {
- stdout {
- codec = >rubydebug
- }
- elasticsearch {
- hosts = >"elk.test.com:9200"
- }
- }
- ######################################################## 下面是 kibana 上面显示的日志内容
- "request" => "/",
- "auth" => "-",
- "ident" => "-",
- "verb" => "GET",
- "message" => "192.168.216.1 - - [22/Nov/2017:16:28:41 +0800] \"GET / HTTP/1.1\"499 0 \"-\"\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0\"","type"=>"nginxlog","path"=>"/usr/local/nginx/logs/access.log","@timestamp"=> 2017-11-22T08:28:41.000Z,"response"=>"499","bytes"=>"0","clientip"=>"192.168.216.1","@version"=>"1","host"=>"nginx.test.com","httpversion"=>"1.1","timestamp"=>"22/Nov/2017:16:28:41 +0800"
二 添加图像
1 查看 ip 访问次数
2 添加访问网站返回状态码的次数
3 添加访问网站路径的次数, 这个选择的是 Data table 类型
4 添加统计网站各个时间段的请求响应传输量分布选择的, Area chart 类型
5 统计各个日志路径的数目 (系统上面所有日志的路径)
三 保存 dasbord, 把上面的五个图可以同时显示在一个页面之上
1 第一步添加完成之后, 就会跳到第二部, 保存即可
来源: http://www.bubuko.com/infodetail-2520899.html