Tin Le TinLe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curator --port 9217 --timeout 900 delete indices --timestring "%Y.%m.%d" --older-than 7 --time-unit days | |
| 2015-06-25 16:54:49,038 INFO Job starting: delete indices | |
| 2015-06-25 16:54:49,628 INFO Pruning Kibana-related indices to prevent accidental deletion. | |
| 2015-06-25 16:54:49,628 WARNING Very large list of indices. Breaking it up into smaller chunks. | |
| 2015-06-25 16:54:49,629 INFO Deleting indices as a batch operation: | |
| 2015-06-25 16:54:49,629 INFO ---deleting index dc1_fm-log_event-2015.06.12 | |
| 2015-06-25 16:54:49,629 INFO ---deleting index dc1_fm-log_event-2015.06.13 | |
| 2015-06-25 16:54:49,629 INFO ---deleting index dc1_fm-log_event-2015.06.14 | |
| 2015-06-25 16:54:49,629 INFO ---deleting index dc1_fm-log_event-2015.06.15 | |
| 2015-06-25 16:54:49,629 INFO ---deleting index dc1_fm-log_event-2015.06.16 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => "/var/log/maillog*" | |
| exclude => "*.gz" | |
| start_position => "beginning" | |
| type => "maillog" | |
| } | |
| } | |
| filter { | |
| if [type] == "maillog" { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "template" : "maillog-*", | |
| "order" : 1, | |
| "settings" : { | |
| "number_of_shards" : 2, | |
| "index.refresh_interval" : "90s" | |
| }, | |
| "mappings" : { | |
| "maillog" : { | |
| "properties" : { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Syslog stuff | |
| COMPONENT ([\w._\/%-]+) | |
| COMPID postfix\/%{COMPONENT:component}(?:\[%{NUMBER:pid}\])? | |
| POSTFIX (?:%{SYSLOGTIMESTAMP:timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{COMPID}: | |
| # Milter | |
| HELO (?:\[%{IP:helo}\]|%{HOST:helo}|%{DATA:helo}) | |
| MILTERCONNECT %{QUEUEID:qid}: milter-reject: CONNECT from %{RELAY:relay}: %{GREEDYDATA:milter_reason}; proto=%{WORD:proto} | |
| MILTERUNKNOWN %{QUEUEID:qid}: milter-reject: UNKNOWN from %{RELAY:relay}: %{GREEDYDATA:milter_reason}; proto=%{WORD:proto} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ============================================================================= | |
| # logstash v1.5.0rc3 | |
| input { | |
| stdin {} | |
| } | |
| output { | |
| kafka { | |
| broker_list => "kafka-server:10251" |