apache error log logstash grok pattern

apache error log logstash grok pattern# DataBase/Elasticsearch2021. 4. 14. 15:24@다크쉐라빔

Table of Contents

728x90

아파치 에러로그

[Sun Jan 31 16:07:40.266665 2021] [access_compat:error] [pid 14356] [client 18.183.46.74:50067] AH01797: client denied by server configuration: /DATA/darksharavim/html/xmlrpc.php

grok filter 설정값

\[(?<timestamp>%{DAY:day} %{MONTH:month} %{MONTHDAY} %{TIME} %{YEAR})\] \[.*:%{LOGLEVEL:loglevel}\] \[pid %{NUMBER:pid}\] \[client %{IP:clientip}:.*\] %{GREEDYDATA:errormsg}

결과값

{
  "timestamp": [
    "Sun Jan 31 16:07:40.266665 2021"
  ],
  "day": [
    "Sun"
  ],
  "month": [
    "Jan"
  ],
  "loglevel": [
    "error"
  ],
  "pid": [
    "14356"
  ],
  "clientip": [
    "18.183.46.74"
  ],
  "errormsg": [
    "AH01797: client denied by server configuration: /DATA/darksharavim/html/xmlrpc.php"
  ]
}

728x90

저작자표시

'# DataBase > Elasticsearch' 카테고리의 다른 글

elasticsearch 8.2.3 install (0)	2022.06.16
elasticsearch - disk usage exceeded (0)	2021.04.26
[trouble shooting]master_not_discovered_exception (0)	2021.04.07
[trouble shooting]memory locking requested for elasticsearch process but memory is not locked (0)	2021.04.07
logstash debug test (0)	2021.04.06

@다크쉐라빔 :: 다크쉐라빔의 주절주절

안녕하세요. 이곳은 IT위주의 잡다한 정보를 올려두는 개인 블로그입니다.

포스팅이 좋았다면 "좋아요❤️" 또는 "구독👍🏻" 해주세요!

'# DataBase > Elasticsearch' 카테고리의 다른 글

티스토리툴바