Streaming Media Log Analyze

Elastic Stack Logstash
1

Hi all,

I am the new user with the ELK system.

I've setup the ELK server and running OK.

Now I want to analyze the streaming Media logs (Videos, Flash, etc...) is put the the client servers (Filebeats is installed on the client servers).

Here are a sample log:
145.116.135.62 - - [01/Jul/2016:00:00:01 +0000] "GET http://sww.123w.sjye.net/213DW0/213-live/hls/AHYWHSAudioNum213.ts HTTP/1.1" 200 82223 "https://mediaplatform.streamingmediahosting.com/html5/html5lib/v2.35/mwEmbedFrame.php/p/11523/uiconf_id/6711532/entry_id/0_zkqmb17e?wid=_11523&iframeembed=true&playerId=smh_player&entry_id=0_zkqmb17e&flashvars[streamerType]=rtmp" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13F69 Safari/601.1"
108.183.255.46 - - [01/Jul/2016:00:00:00 +0000] "GET http://sds.dqa323.dsja.net/212CXX/321-live/hls/3213AudioNum23.ts HTTP/1.1" 200 82249 "https://mediaplatform.streamingmediahosting.com/html5/html5lib/v2.35/mwEmbedFrame.php/p/11523/uiconf_id/6711532/entry_id/0_k4ss52rz?wid=_11523&iframeembed=true&playerId=smh_player&entry_id=0_k4ss52rz&flashvars[streamerType]=rtmp" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13F69 Safari/601.1"

How can I analyze this logs, and what change I must do on filebeat conf and logstash conf?

2

That looks like a standard apache log format.

Have a read of https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html

1 Like
3

thanhs @warkolm, i will try it and let you know the result. :slight_smile: