Purpose
Monitor syslog to track how the system is running
Configuration example
input {
  syslog {
    port => 5000
    type => "demo-syslog"
  }
}
output {
  stdout {
    codec => rubydebug
  }
}
Start
bin/logstash -f /etc/logstash/conf.d/demo-input-syslog.conf
Test
telnet localhost 5000
Result
{
    "severity" => 0,
    "@timestamp" => 2017-06-12T09:41:46.655Z,
    "@version" => "1",
    "host" => "127.0.0.1",
    "message" => "heloooooooorn",
    "type" => "demo-syslog",
    "priority" => 0,
    "facility" => 0,
    "severity_label" => "Emergency",
    "tags" => [
        [0] "_grokparsefailure_sysloginput"
    ],
    "facility_label" => "kernel"
}
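The telnet test above comes back with priority 0, the "Emergency"/"kernel" labels and the _grokparsefailure_sysloginput tag because the typed line carries no syslog header. The following is an added example, not part of the original page or of Logstash: it frames a message with PRI = facility * 8 + severity (RFC 3164) and decodes it. The header regex, the fall-back to 0 (taken from the result above), the host web01 and the sample messages are assumptions constructed for illustration.

```python
import re
import socket
from datetime import datetime

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
SEVERITY = ["Emergency", "Alert", "Critical", "Error", "Warning",
            "Notice", "Informational", "Debug"]
FACILITY = (["kernel", "user-level", "mail", "system", "security/authorization",
             "syslogd", "line printer", "network news", "UUCP", "clock",
             "security/authorization", "FTP", "NTP", "log audit", "log alert",
             "clock"] + [f"local{i}" for i in range(8)])
# Simplified RFC 3164 header check (an assumption, not the plugin's grok pattern).
HEADER = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (\S+) (.*)$")

def build_rfc3164(facility, severity, host, tag, msg, when):
    """Frame one message: PRI = facility * 8 + severity, then timestamp and host."""
    pri = facility * 8 + severity
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    return f"<{pri}>{stamp} {host} {tag}: {msg}\n"

def decode(line):
    """Split PRI into facility/severity; fall back to 0 when the header is missing."""
    m = HEADER.match(line.rstrip("\r\n"))
    pri = int(m.group(1)) if m else 0
    tags = []
    if m is None or pri > 191:            # 23 * 8 + 7 is the largest valid PRI
        pri, tags = 0, ["_grokparsefailure_sysloginput"]
    facility, severity = divmod(pri, 8)
    return {"priority": pri, "facility": facility, "severity": severity,
            "facility_label": FACILITY[facility], "severity_label": SEVERITY[severity],
            "tags": tags}

def send(line, host="localhost", port=5000):
    """Deliver one framed line over TCP to the listener from the config above."""
    with socket.create_connection((host, port), timeout=3) as s:
        s.sendall(line.encode("utf-8"))

if __name__ == "__main__":
    good = build_rfc3164(4, 5, "web01", "sshd", "session opened for user deploy",
                         datetime(2017, 6, 12, 9, 41, 46))
    print(decode(good))                     # well-formed header: facility 4, severity 5
    print(decode("hello from telnet\r\n"))  # no header: falls back to 0/0 with the tag
    # send(good)  # uncomment with Logstash listening on port 5000
```

Events that carry the _grokparsefailure_sysloginput tag have placeholder severity and facility values, so filter on the tag before alerting on "Emergency".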