forked from elastic/logstash
-
Notifications
You must be signed in to change notification settings - Fork 0
/
001.config
37 lines (33 loc) · 1.21 KB
/
001.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
cd ~/projects/logstash
%E rm ~/projects/logstash/etc/logstash-demo.yaml
vi etc/logstash-demo.yaml
:set paste
%K control+l
i
# Remember that logstash provides a way to specify inputs, filters, and
# outputs. For this demo, I'll just show inputs + outputs
---
inputs:
# You can also tag inputs for easier handling later in your pipeline.
linux-syslog: # this is the 'linux-syslog' tag
- /var/log/messages # watch /var/log/messages (uses eventmachine-tail)
- /var/log/kern.log
- /var/log/auth.log
- /var/log/user.log
apache-access: # similar, different tag.
- /var/log/apache2/access.log
apache-error:
- /var/log/apache2/access.log
#other:
#- amqp://myamqpserver/fanout/rawlogs # an amqp fanout as input
#- amqp://myamqpserver/topic/rawlogs # an amqp topic as input
#- syslog:/// # take input via syslog protocol over the network
outputs:
#- amqp://myamqpserver/topic/logs # broadcast logs to an AMQP topic
#- mongodb://mongoserver/logs # store events in mongodb
#- stdout:/// # send to stdout (like tail -f, but better)
#- syslog://syslogserver/ # send to another syslog server
- websocket:/// # send to websockets
%E sleep 3
%K Escape
ZZ