X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/a92c80c41d88faa20123f2841cc335c37905f638..50592aea120c51878eefe62dd226d3658b679f8c:/cookbooks/logstash/templates/default/logstash.conf.erb diff --git a/cookbooks/logstash/templates/default/logstash.conf.erb b/cookbooks/logstash/templates/default/logstash.conf.erb index f6c207a61..429370ea5 100644 --- a/cookbooks/logstash/templates/default/logstash.conf.erb +++ b/cookbooks/logstash/templates/default/logstash.conf.erb @@ -9,14 +9,49 @@ input { filter { if [type] == "apache" { grok { - match => [ "message", "%{COMBINEDAPACHELOG} %{NUMBER:duration:int}us %{WORD:request_id} %{NOTSPACE:ssl_protocol} %{NOTSPACE:ssl_cipher}" ] + match => [ "message", "%{COMBINEDAPACHELOG} %{NUMBER:duration:int}us %{NOTSPACE:request_id} %{NOTSPACE:ssl_protocol} %{NOTSPACE:ssl_cipher}" ] } date { match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ] } + if [agent] == "-" { + mutate { + remove_field => [ "agent" ] + } + } else { + useragent { + source => "agent" + target => "useragent" + } + grok { + match => { "agent" => "%{JOSM:[useragent][name]=JOSM}/%{POSINT:[useragent][major]}\.%{POSINT:[useragent][minor]} \(%{POSINT:[useragent][patch]} \w+\) " } + overwrite => [ "[useragent][name]", "[useragent][major]", "[useragent][minor]", "[useragent][patch]" ] + tag_on_failure => [] + } + mutate { + rename => { "agent" => "[useragent][raw]" } + } + } } else if [type] == "rails" { json { source => "message" + remove_field => [ + "message", + "[parameters][authenticity_token]", + "[parameters][pass_crypt]", + "[parameters][pass_crypt_confirmation]", + "[parameters][utf8]" + ] + } + } + + if [host] =~ /^spike-/ { + mutate { + add_tag => [ "frontend" ] + } + } else if [host] =~ /^thorn-/ { + mutate { + add_tag => [ "backend" ] } } } @@ -24,5 +59,6 @@ filter { output { elasticsearch { host => [ "127.0.0.1" ] + cluster => "<%= node[:elasticsearch][:cluster][:name] %>" } }