Add logstash rules to parse libvirtd.txt
Change-Id: I09185dae08d46821f804e3ad43205205aab9345c
This commit is contained in:
parent
4698b088a2
commit
e78d152c2a
|
@ -78,6 +78,13 @@ filter {
|
||||||
add_field => { "logdate" => "%{timestamp}" }
|
add_field => { "logdate" => "%{timestamp}" }
|
||||||
add_field => { "logmessage" => "%{verb} %{request} %{response}" }
|
add_field => { "logmessage" => "%{verb} %{request} %{response}" }
|
||||||
}
|
}
|
||||||
|
} else if "libvirtd" in [tags] {
|
||||||
|
grok {
|
||||||
|
# libvirtd grok filter adapted from
|
||||||
|
# https://github.com/OpenStratus/openstack-logstash/blob/master/agent.conf
|
||||||
|
match => { "message" => "%{TIMESTAMP_ISO8601:logdate}:%{SPACE}%{NUMBER:pid}:%{SPACE}%{LOGLEVEL:loglevel}%{SPACE}:%{SPACE}%{GREEDYDATA:logmessage}" }
|
||||||
|
add_field => { "received_at" => "%{@timestamp}" }
|
||||||
|
}
|
||||||
} else if "syslog" in [tags] {
|
} else if "syslog" in [tags] {
|
||||||
grok {
|
grok {
|
||||||
# Syslog grok filter adapted from
|
# Syslog grok filter adapted from
|
||||||
|
|
Loading…
Reference in New Issue