35 lines
632 B
Plaintext
35 lines
632 B
Plaintext
input {
|
|
gelf {
|
|
id => "gelf_docker"
|
|
type => docker
|
|
port => 12201
|
|
}
|
|
}
|
|
|
|
filter {
|
|
mutate {
|
|
remove_field => [ "host" ]
|
|
}
|
|
json {
|
|
source => "message"
|
|
target => "jsoncontent"
|
|
}
|
|
if [jsoncontent][response][body] {
|
|
mutate {
|
|
add_field => { "data" => "%{[jsoncontent][response][body]}" }
|
|
remove_field => [ "[jsoncontent][response][body]" ]
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
output {
|
|
elasticsearch {
|
|
index => "logs-%{tag}-%{+YYYY.MM.dd}"
|
|
hosts => "elasticsearch:9200"
|
|
user => "logstash_internal"
|
|
password => "${LOGSTASH_INTERNAL_PASSWORD}"
|
|
action => "create"
|
|
}
|
|
}
|