Created
April 24, 2015 00:22
-
-
Save wjimenez5271/17b92b1ae303b04d993f to your computer and use it in GitHub Desktop.
logstash-debug-out
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Reading config file {:file=>"logstash/agent.rb", :level=>:debug, :line=>"326", :method=>"local_config"} | |
| Compiled pipeline code: | |
| @inputs = [] | |
| @filters = [] | |
| @outputs = [] | |
| @periodic_flushers = [] | |
| @shutdown_flushers = [] | |
| @input_lumberjack_1 = plugin("input", "lumberjack", LogStash::Util.hash_merge_many({ "port" => 5043 }, { "ssl_certificate" => ("/opt/mycert.crt") }, { "ssl_key" => ("/opt/mykey.key") })) | |
| @inputs << @input_lumberjack_1 | |
| @filter_grok_2 = plugin("filter", "grok", LogStash::Util.hash_merge_many({ "match" => {("message") => ("%{IPORHOST:clientip} %{USER:ident} %{USER:auth} \\[%{HTTPDATE:timestamp}\\] \\\"(?:%{WORD:http_method} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})\\\" %{NUMBER:response} (?:%{NUMBER:bytes}|-)")} })) | |
| @filters << @filter_grok_2 | |
| @filter_grok_2_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_2) | |
| events = @filter_grok_2.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_2, :events => events) | |
| @filter_date_3.filter(event) {|new_event| events << new_event } | |
| events = cond_func_1(events) | |
| events = cond_func_2(events) | |
| events = cond_func_3(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_grok_2.respond_to?(:flush) | |
| @periodic_flushers << @filter_grok_2_flush if @filter_grok_2.periodic_flush | |
| @shutdown_flushers << @filter_grok_2_flush | |
| end | |
| @filter_date_3 = plugin("filter", "date", LogStash::Util.hash_merge_many({ "match" => [("timestamp"), ("dd/MMM/yyyy:HH:mm:ss Z")] })) | |
| @filters << @filter_date_3 | |
| @filter_date_3_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_3) | |
| events = @filter_date_3.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_3, :events => events) | |
| events = cond_func_4(events) | |
| events = cond_func_5(events) | |
| events = cond_func_6(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_date_3.respond_to?(:flush) | |
| @periodic_flushers << @filter_date_3_flush if @filter_date_3.periodic_flush | |
| @shutdown_flushers << @filter_date_3_flush | |
| end | |
| @filter_mutate_4 = plugin("filter", "mutate", LogStash::Util.hash_merge_many({ "add_tag" => [("--")] })) | |
| @filters << @filter_mutate_4 | |
| @filter_mutate_4_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_mutate_4) | |
| events = @filter_mutate_4.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_mutate_4, :events => events) | |
| events = cond_func_7(events) | |
| events = cond_func_8(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_mutate_4.respond_to?(:flush) | |
| @periodic_flushers << @filter_mutate_4_flush if @filter_mutate_4.periodic_flush | |
| @shutdown_flushers << @filter_mutate_4_flush | |
| end | |
| @filter_multiline_5 = plugin("filter", "multiline", LogStash::Util.hash_merge_many({ "patterns_dir" => ("/opt/logstash-patterns-core/patterns") }, { "pattern" => ("(^%{TIMESTAMP_ISO8601})") }, { "negate" => ("true") }, { "what" => ("previous") }, { "stream_identity" => ("%{host}.%{file}.%{type}") })) | |
| @filters << @filter_multiline_5 | |
| @filter_multiline_5_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_multiline_5) | |
| events = @filter_multiline_5.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_multiline_5, :events => events) | |
| @filter_grok_6.filter(event) {|new_event| events << new_event } | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| events = cond_func_9(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_multiline_5.respond_to?(:flush) | |
| @periodic_flushers << @filter_multiline_5_flush if @filter_multiline_5.periodic_flush | |
| @shutdown_flushers << @filter_multiline_5_flush | |
| end | |
| @filter_grok_6 = plugin("filter", "grok", LogStash::Util.hash_merge_many({ "patterns_dir" => ("/opt/logstash-patterns-core/patterns") }, { "break_on_match" => ("false") }, { "match" => [("message"), ("%{TIMESTAMP_ISO8601:date} %{DATA:level} %{GREEDYDATA:tomcat_message}")] })) | |
| @filters << @filter_grok_6 | |
| @filter_grok_6_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_6) | |
| events = @filter_grok_6.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_6, :events => events) | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| events = cond_func_10(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_grok_6.respond_to?(:flush) | |
| @periodic_flushers << @filter_grok_6_flush if @filter_grok_6.periodic_flush | |
| @shutdown_flushers << @filter_grok_6_flush | |
| end | |
| @filter_date_7 = plugin("filter", "date", LogStash::Util.hash_merge_many({ "match" => [("date"), ("YYYY-MM-dd HH:mm:ss,SSS"), ("YYYY-MM-dd HH:mm:ss.SSS")] })) | |
| @filters << @filter_date_7 | |
| @filter_date_7_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_7) | |
| events = @filter_date_7.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_7, :events => events) | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| events = cond_func_11(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_date_7.respond_to?(:flush) | |
| @periodic_flushers << @filter_date_7_flush if @filter_date_7.periodic_flush | |
| @shutdown_flushers << @filter_date_7_flush | |
| end | |
| @filter_mutate_8 = plugin("filter", "mutate", LogStash::Util.hash_merge_many({ "remove_field" => [("tomcat_message")] }, { "remove_field" => [("@source")] })) | |
| @filters << @filter_mutate_8 | |
| @filter_mutate_8_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_mutate_8) | |
| events = @filter_mutate_8.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_mutate_8, :events => events) | |
| events = cond_func_12(events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_mutate_8.respond_to?(:flush) | |
| @periodic_flushers << @filter_mutate_8_flush if @filter_mutate_8.periodic_flush | |
| @shutdown_flushers << @filter_mutate_8_flush | |
| end | |
| @filter_grok_9 = plugin("filter", "grok", LogStash::Util.hash_merge_many({ "match" => {("message") => ("%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\\[%{POSINT:syslog_pid}\\])?: %{GREEDYDATA:syslog_message}")} }, { "add_field" => [("received_at"), ("%{@timestamp}")] }, { "add_field" => [("received_from"), ("%{host}")] })) | |
| @filters << @filter_grok_9 | |
| @filter_grok_9_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_9) | |
| events = @filter_grok_9.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_grok_9, :events => events) | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_grok_9.respond_to?(:flush) | |
| @periodic_flushers << @filter_grok_9_flush if @filter_grok_9.periodic_flush | |
| @shutdown_flushers << @filter_grok_9_flush | |
| end | |
| @filter_syslog_pri_10 = plugin("filter", "syslog_pri") | |
| @filters << @filter_syslog_pri_10 | |
| @filter_syslog_pri_10_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_syslog_pri_10) | |
| events = @filter_syslog_pri_10.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_syslog_pri_10, :events => events) | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_syslog_pri_10.respond_to?(:flush) | |
| @periodic_flushers << @filter_syslog_pri_10_flush if @filter_syslog_pri_10.periodic_flush | |
| @shutdown_flushers << @filter_syslog_pri_10_flush | |
| end | |
| @filter_date_11 = plugin("filter", "date", LogStash::Util.hash_merge_many({ "match" => [("syslog_timestamp"), ("MMM d HH:mm:ss"), ("MMM dd HH:mm:ss")] })) | |
| @filters << @filter_date_11 | |
| @filter_date_11_flush = lambda do |options, &block| | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_11) | |
| events = @filter_date_11.flush(options) | |
| return if events.nil? || events.empty? | |
| @logger.debug? && @logger.debug("Flushing", :plugin => @filter_date_11, :events => events) | |
| events.each{|e| block.call(e)} | |
| end | |
| if @filter_date_11.respond_to?(:flush) | |
| @periodic_flushers << @filter_date_11_flush if @filter_date_11.periodic_flush | |
| @shutdown_flushers << @filter_date_11_flush | |
| end | |
| @output_elasticsearch_12 = plugin("output", "elasticsearch", LogStash::Util.hash_merge_many({ "cluster" => ("mycluster") }, { "host" => ("10.10.10.10") }, { "port" => ("9200") }, { "protocol" => ("http") }, { "workers" => 4 })) | |
| @outputs << @output_elasticsearch_12 | |
| def filter_func(event) | |
| events = [event] | |
| @logger.debug? && @logger.debug("filter received", :event => event.to_hash) | |
| events = cond_func_13(events) | |
| events = cond_func_14(events) | |
| events = cond_func_15(events) | |
| events = cond_func_16(events) | |
| events | |
| end | |
| def output_func(event) | |
| @logger.debug? && @logger.debug("output received", :event => event.to_hash) | |
| @output_elasticsearch_12.handle(event) | |
| end | |
| def cond_func_1(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[file]"] == ("/app/log.log"))) # if [file] == "/app/log.log" | |
| @filter_mutate_4.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_2(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("tomcat"))) # if [type] == "tomcat" | |
| @filter_multiline_5.filter(event) {|new_event| events << new_event } | |
| @filter_grok_6.filter(event) {|new_event| events << new_event } | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_3(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_4(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[file]"] == ("/app/log.log"))) # if [file] == "/app/log.log" | |
| @filter_mutate_4.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_5(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("tomcat"))) # if [type] == "tomcat" | |
| @filter_multiline_5.filter(event) {|new_event| events << new_event } | |
| @filter_grok_6.filter(event) {|new_event| events << new_event } | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_6(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_7(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("tomcat"))) # if [type] == "tomcat" | |
| @filter_multiline_5.filter(event) {|new_event| events << new_event } | |
| @filter_grok_6.filter(event) {|new_event| events << new_event } | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_8(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_9(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_10(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_11(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_12(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_13(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("apache"))) # if [type] == "apache" | |
| @filter_grok_2.filter(event) {|new_event| events << new_event } | |
| @filter_date_3.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_14(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[file]"] == ("/app/log.log"))) # if [file] == "/app/log.log" | |
| @filter_mutate_4.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_15(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("tomcat"))) # if [type] == "tomcat" | |
| @filter_multiline_5.filter(event) {|new_event| events << new_event } | |
| @filter_grok_6.filter(event) {|new_event| events << new_event } | |
| @filter_date_7.filter(event) {|new_event| events << new_event } | |
| @filter_mutate_8.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| def cond_func_16(input_events) | |
| result = [] | |
| input_events.each do |event| | |
| events = [event] | |
| if ((event["[type]"] == ("syslog"))) # if [type] == "syslog" | |
| @filter_grok_9.filter(event) {|new_event| events << new_event } | |
| @filter_syslog_pri_10.filter(event) {|new_event| events << new_event } | |
| @filter_date_11.filter(event) {|new_event| events << new_event } | |
| end | |
| result += events | |
| end | |
| result | |
| end | |
| {:level=>:debug, :file=>"logstash/pipeline.rb", :line=>"28", :method=>"initialize"} | |
| Plugin not defined in namespace, checking for plugin file {:type=>"input", :name=>"lumberjack", :path=>"logstash/inputs/lumberjack", :level=>:debug, :file=>"logstash/plugin.rb", :line=>"133", :method=>"lookup"} | |
| Using version 0.1.x input plugin 'lumberjack'. This plugin isn't well supported by the community and likely has no maintainer. {:level=>:info, :file=>"logstash/config/mixin.rb", :line=>"223", :method=>"print_version_notice"} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment