Skip to content

Instantly share code, notes, and snippets.

@jippi

jippi/conf

Created June 19, 2013 21:05
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jippi/5818038 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jippi/5818038 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
conf
input {
file {
path => "/var/log/apache2/access.log.json"
format => json_event
type => apache
}
}
filter {
geoip {
source => "client"
add_tag => [ "geo" ]
add_field => [ "geo_json", "%{geoip.longitude},%{geoip.latitude}"]
}
mutate {
split => [ "geo_json", "," ]
tags => [ "geo" ]
}
}
output {
stdout { debug => true }
# elasticsearch_http {
# host => "es01.bownty.net"
# }
}
Raw
out.json
}
{
"@source" => "file://ip-10-33-129-37//var/log/apache2/access.log.json",
"@tags" => [
[0] "geo"
],
"@fields" => {
"client" => "157.55.43.27",
"duration_usec" => 75992,
"status" => 200,
"request" => "/logo/newsletter/7618197cc86d588e86c4f632c4816eaf.png?hash=7618197cc86d588e86c4f632c4816eaf",
"urlpath" => "/logo/newsletter/7618197cc86d588e86c4f632c4816eaf.png",
"urlquery" => "?hash=7618197cc86d588e86c4f632c4816eaf",
"bytes" => 5162,
"vhost" => "en.bownty.com",
"method" => "GET",
"referrer" => "-",
"geoip" => {
"ip" => "157.55.43.27",
"country_code2" => "US",
"country_code3" => "USA",
"country_name" => "United States",
"continent_code" => "NA",
"region_name" => "",
"city_name" => "",
"postal_code" => "",
"latitude" => 38.0,
"longitude" => -97.0,
"dma_code" => 0,
"area_code" => 0,
"timezone" => nil
},
"geo_json" => [
[0] "-97.0,38.0"
]
},
"@timestamp" => "2013-06-19T23:04:55+0200",
"@source_host" => "ip-10-33-129-37",
"@source_path" => "//var/log/apache2/access.log.json",
"@type" => "apache"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment