Hi Team,
I wrote this small logstash config. in which i just want to pick up some data and when the data comes it gets filter, and in the output section when the data comes it send an email.
input{
file {
type => "dummylog"
path => ["/root/sample.log"]
}
}
filter {
grok {
match => {
"message" => '%{IPORHOST:remote_ip} - %{DATA:user_name} \[%{HTTPDATE:time}\] "%{WORD:request_action} %{DATA:request} HTTP/%{NUMBER:http_version}" %{NUMBER:response} %{NUMBER:bytes} "%{DATA:referrer}" "%{DATA:agent}"'
}
}
date {
match => [ "time", "dd/MMM/YYYY:HH:mm:ss Z" ]
locale => en
}
geoip {
source => "remote_ip"
target => "geoip"
}
useragent {
source => "agent"
target => "user_agent"
}
}
output{
email {
to => "*******@gmail.com"
address => "smtp.gmail.com"
port => "465"
via => "smtp"
username => ""
password => ""
from =>""
subject => "Email Testing from logstash"
body =>"This is Working now"
}
}
Here I'm confused in the output section, like i'f i'm giving from => xxxx@gmail.com, so where do i give that xxxx@gmail.com's credentials and also where do i give the mail server credentials, if there is any particular mail server.
really need help in this guys.
Thanks and Regards,
Sagar Mandal