Skip to content

Instantly share code, notes, and snippets.

@pblittle
Last active January 7, 2022 01:58
Show Gist options
  • Save pblittle/8778567 to your computer and use it in GitHub Desktop.
Save pblittle/8778567 to your computer and use it in GitHub Desktop.
input {
stdin {
type => "stdin-type"
}
file {
type => "syslog"
path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
}
file {
type => "logstash"
path => [ "/var/log/logstash/logstash.log" ]
start_position => "beginning"
}
}
filter {
if [type] == "docker" {
json {
source => "message"
}
mutate {
rename => [ "log", "message" ]
}
date {
match => [ "time", "ISO8601" ]
}
}
}
output {
stdout {
codec => rubydebug
}
elasticsearch {
embedded => ES_EMBEDDED
host => "ES_HOST"
port => "ES_PORT"
protocol => "http"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment