这是我在/etc/logstash/conf.d/apachelog.conf中的conf文件(下图)...我没看到kibana中的索引
但是当我输入这个命令时它工作/ opt / logstash / bin / logstash -f /etc/logstash/conf.d/apachelog.conf我看到elasticsearch中的索引
当我重新启动我的服务时,我想启动它,例如“service logstash start”
input {
file {
path => "/var/log/apache2/access.log"
type => "apache_log" # a type to identify those logs (will need this later)
start_position => "beginning"
sincedb_path => "/dev/null" #to clear since db
}
}
filter {
grok {
match=> { message => "%{COMBINEDAPACHELOG}" }
}
date {
locale => "en"
match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
#stdout { }
elasticsearch {
hosts => ["localhost:9200"]
sniffing => true
manage_template => false
index => "mylogs"
}
}