# Event sources: a network syslog listener and a tailed Nexus log file.
input {
  # Syslog listener on port 5514; payloads are decoded with the json codec.
  # NOTE(review): no bind address is set in this block, so the listener is
  # presumably reachable on every interface and takes events from any sender.
  # Confirm that a firewall or network policy limits who can reach this port,
  # because whatever is accepted here is indexed downstream as-is.
  syslog {
    codec => "json"
    port => 5514
  }

  # Read the externally supplied Nexus log and mark its events with the type
  # "nexus-log", which the filter stage uses to select them.
  file {
    type => "nexus-log"
    path => "/var/externallogs_maven/data"
    # Start reading the file from its beginning instead of only new lines.
    start_position => "beginning"
  }
}
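# Parse Nexus request-log lines and take the event time from the log line.
filter {
  # Only events of type "nexus-log" (set by the file input) are grokked. A
  # conditional replaces the per-filter `type` option, which is deprecated.
  if [type] == "nexus-log" {
    # Repository name taken from the request path. Lines that are not
    # repository requests are expected, so a miss here adds no failure tag.
    grok {
      match => [ "message", "\b\w+\b\s/nexus/content/repositories/(?<repositories>[^/]+)" ]
      tag_on_failure => []
    }

    # Request timestamp. It is extracted in its own grok block: with both
    # patterns listed for "message" in a single block, grok stops at the first
    # pattern that matches, so repository requests never got "mytimestamp" and
    # kept their ingestion time instead of the time of the request. That skews
    # any timeline built from these events. A line with no parseable timestamp
    # is still tagged _grokparsefailure by this block.
    grok {
      match => [ "message", "(?<mytimestamp>%{MONTHDAY}/%{MONTH}/%{YEAR}:%{HOUR}:%{MINUTE}:%{SECOND} %{ISO8601_TIMEZONE})" ]
    }
  }

  # Use the parsed request time as the event timestamp. Events without a
  # "mytimestamp" field are left unchanged.
  date {
    match => ["mytimestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]
  }
}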
# Destinations: an Elasticsearch cluster and the process's standard output.
output {
  # Ship events to cluster "elkjepp" through host "es" using the transport
  # protocol on port 9300.
  # NOTE(review): no credentials or TLS settings appear in this block. Confirm
  # that port 9300 on the Elasticsearch side is reachable only from trusted
  # hosts, since a peer that can join the transport layer can read and write
  # the indexed logs.
  elasticsearch {
    protocol => "transport"
    cluster => "elkjepp"
    host => es
    port => 9300
  }

  # Print every event in rubydebug form.
  # NOTE(review): this copies full log content to stdout, and from there into
  # whatever captures the process output. Keep it only while debugging, or
  # make sure that capture is access-controlled like the index itself.
  stdout { codec => rubydebug }
}