Hi,
Can someone help me with nginx logs please.
I have full nginx log:
2021-12-28T17:00:34+00:00 site="demo" server="demotest" dest_port="443" dest_ip="172.19.0.3" src="172.31.27.65" src_ip="172.31.27.65" user="-" time_local="28/Dec/2021:17:00:34 +0000" protocol="HTTP/1.1" status="200" bytes_out="1076" bytes_in="914" http_referer="-" http_user_agent="ELB-HealthChecker/2.0" nginx_version="1.21.4" http_x_forwarded_for="-" http_x_header="-" uri_query="-" uri_path="/" http_method="GET" response_time="0.000" cookie="-" request_time="0.000" category="text/html" https="on"
So i have updated filebeat/module/nginx/access/ingest/default.json to this:
"patterns":[
"%{TIMESTAMP_ISO8601:nginx.access.time} site="%{DATA:nginx.access.server_name}" dest_port="%{NUMBER:nginx.access.server_port}" dest_ip="%{IP_LIST:nginx.access.server_addr}" src="%{IP_LIST:nginx.access.remote_ip_host}" src_ip="%{IP_LIST:nginx.access.remote_ip_list}" user="%{DATA:nginx.access.user_name}" time_local="%{GREEDYDATA:nginx.access.time_local}" protocol="%{DATA:nginx.access.http_version}" status="%{NUMBER:nginx.access.response_code}" bytes_out="%{NUMBER:nginx.access.body_sent.bytes}" bytes_in="%{NUMBER:nginx.access.body_received.bytes}" http_referer="%{GREEDYDATA:nginx.access.referrer}" http_user_agent="%{DATA:nginx.access.agent}" nginx_version="%{NUMBER:nginx.access.nginx_version}" http_x_forwarder_for="%{DATA:nginx.access.http_x_forwarder_for}" http_x_header="%{DATA:nginx.access.http_x_header}" uri_query="%{DATA:nginx.access.query_string}" uri_path="%{DATA:nginx.access.url}" http_method="%{DATA:nginx.access.method}" response_time="%{NUMBER:nginx.access.response.seconds}" cookie="%{GREEDYDATA:nginx.access.cookie}" request_time="%{NUMBER:nginx.access.request.seconds}" category="%{DATA:nginx.access.category}" https="%{DATA:nginx.accesshttps}""
]
What i am doing wrong?
Thank you so much