Monitoring the logstash postfix queue

KaPBaJIOJI · August 11, 2021, 5:16am

Hi all, mb its stupid idei, but i want monitoring postfix queue .
I write in file "data", "hostname", "count", how can I transfer this data to elastic?
at the moment, i am parse postfix logs, thanks to GitHub - whyscream/postfix-grok-patterns: Logstash configuration and grok patterns for parsing postfix.
And i add in filter logstash

filter {
    grok {
          match => { "message" => "%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST} %{DATA:program}(?:\[%{POSINT}\])?: %{GREEDYDATA:message}" }
          match => { "message" => "%{SYSLOGTIMESTAMP:timestamp} %{HOSTNAME} %{NUMBER:postfix_queue}" }
          overwrite => ["timestamp", "message"]
   }

match => { "message" => "%{SYSLOGTIMESTAMP:timestamp} %{HOSTNAME} %{NUMBER:postfix_queue}" }
add in filebeat.yml
- /var/log/postfix_queue.log
I understand that now need to create a new field in the postfix_queue index?

system · September 8, 2021, 5:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Count message for user Logstash	2	390	April 27, 2018
Logstash 6.6.2 unable to read postfix maillog and there is no error in the log Logstash	2	361	April 22, 2019
Try to Parsing Postfix Log Using Logstash Logstash	7	2521	January 3, 2022
Parsing Syslog to Logstash Logstash	6	488	March 10, 2020
Postfix monitoring using ELK Logstash	4	568	March 13, 2024

Monitoring the logstash postfix queue

Related topics