Versions Compared

Old Version 28

changes.mady.by.user Radu Gheorghe

Saved on

compared with

New Version 29

changes.mady.by.user Otis Gospodnetić

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
input {
  file {
    path => "/var/log/apache.log"
    start_position => "beginning"           # this will also send existing contents the first time you start Logstash
    add_field => { "source" => "apache" }   # add a source field, for easier filtering
 }
}

output {
  elasticsearch {
          hosthosts => "logsene-receiver.sematext.com:443"  # this is called "hosts" in Logstash 2.0+
          ssl => true               # (requires Logstash 1.5+) if you do not want to use SSL comment this out and change port to 80
          port => 443               # or 80 is you disabled SSL with ssl => false
          protocol => http          # omit this in Logstash 2.0+! On earlier
versions, this should NOT be changed to HTTPS even if you enable SSL with ssl => true
          index => "LOGSENE_APP_TOKEN_GOES_HERE"
          manage_template => false  # Logsene will manage templates for you
 }
}

...

Code Block
input {
  file {
    path => "/var/log/apache.log"
    add_field => { "source" => "apache" }   # add a source field, for easier filtering
    start_position => "beginning"
  }
}

filter {
  if [source] == "apache" {                 # only try to parse if logs are from the "apache" source
    grok {
      match => [ "message", "%{COMBINEDAPACHELOG}" ]
    }
  }
}

output {
  elasticsearch {
    hosthosts => "logsene-receiver.sematext.com:443"
    ssl => true
    port => 443
    protocol => http
    index => "LOGSENE_APP_TOKEN_GOES_HERE"
    manage_template => false
 }
}

...