Hi all
I make a file config to get log from apache.
input {
file{
type => "apache-access"
path => " /var/log/logstash/apache.log"
start_position => "beginning"
}
}
filter {
if "% Apache-" in [message]{
mutate {
add_tag => ["apache"]
}
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program} (?\[POSINT:syslog_pid}\]?: %{GREEDYDATA:syslog_message}"]
add_field => [ "received_at","%{@timestamp}"]
add_field => [ "received_from", "%{host}"]
}
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
elasticsearch { hosts => localhost}
}
stdout { codec => rubydebug }
}
After that, i check it though command below:
/opt/logstash/bin/logstash –configtest -f /etc/logstash/conf.d/logstash_getlog_config.conf
It recomment me some error in there, however i can't fix them..
Could you check and show me what is my mistake and how can i fix it?
Regds