Add logstash rules to parse libvirtd.txt

Change-Id: I09185dae08d46821f804e3ad43205205aab9345c
This commit is contained in:
Joe Gordon 2014-01-30 17:04:22 -08:00
parent 4698b088a2
commit e78d152c2a
1 changed files with 7 additions and 0 deletions

View File

@ -78,6 +78,13 @@ filter {
add_field => { "logdate" => "%{timestamp}" }
add_field => { "logmessage" => "%{verb} %{request} %{response}" }
}
} else if "libvirtd" in [tags] {
grok {
# libvirtd grok filter adapted from
# https://github.com/OpenStratus/openstack-logstash/blob/master/agent.conf
match => { "message" => "%{TIMESTAMP_ISO8601:logdate}:%{SPACE}%{NUMBER:pid}:%{SPACE}%{LOGLEVEL:loglevel}%{SPACE}:%{SPACE}%{GREEDYDATA:logmessage}" }
add_field => { "received_at" => "%{@timestamp}" }
}
} else if "syslog" in [tags] {
grok {
# Syslog grok filter adapted from