Logstash 在日志存储输出中使用生成的字段
我试图在Logstash中创建一个syslog转发器,它将读取syslog消息(或其他格式),并输出syslog 这是我的输出配置:Logstash 在日志存储输出中使用生成的字段,logstash,Logstash,我试图在Logstash中创建一个syslog转发器,它将读取syslog消息(或其他格式),并输出syslog 这是我的输出配置: output { stdout { debug => true debug_format => "json"} syslog { appname => "gulfstream" facility => "daemon" host => "127.0.0.1"
output {
stdout { debug => true debug_format => "json"}
syslog {
appname => "gulfstream"
facility => "daemon"
host => "127.0.0.1"
port => "514"
protocol => "tcp"
severity => "%{severity}"
}
}
{"@source":"file://ubuntu/etc/nbase/gs-switch-1/g150.log","@tags":[],"@fields":{"severity":["error"],"message":["eb3|9ac47fc nbstub.py:_refresh_socket 5 abxc"]},"@timestamp":"2013-05-14T18:35:13.095Z","@source_host":"ubuntu","@source_path":"/etc/nbase/gs-switch-1/g150.log","@message":"E 2013-05-13 16:47:15,1265 eb3|9ac47fc nbstub.py:_refresh_socket 5 abxc","@type":"gs-switch"}
“@fields”:{“严重性”}severity=>%{@fields.severity}%{severity}Invalid setting for syslog output plugin:
output {
syslog {
# This setting must be a ["emergency", "alert", "critical", "error", "warning", "notice", "informational", "debug"]
# Expected one of ["emergency", "alert", "critical", "error", "warning", "notice", "informational", "debug"], got ["%{@message}"]
severity => ["%{severity}"]
...
}
} {:level=>:error}
有人能指出我做错了什么吗?我认为您正在寻找的功能目前尚未实现。我能看出它的必要性,并且已经加了一张票让它进去。检查这里我认为您正在寻找的功能目前尚未实现。我能看出它的必要性,并且已经加了一张票让它进去。Check here讨论了logstash谷歌集团,得出了相同的结论。我打开了1091号票,然后才看到这个回复。不过,这仍然是正确的答案——谢谢。我们就logstash谷歌集团进行了讨论,得出了相同的结论。我打开了1091号票,然后才看到这个回复。不过,这仍然是正确的答案——谢谢。