Home Explore Help
Sign In
python
/
dm
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: cd97e431b2
Branches Tags
dm
/
container
/
conf
/
elastic
/
filebeat
/
filebeat.yml

filebeat.yml 4.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. ###################### Filebeat Configuration Example #########################
    2. 

  2. 

  3. # This file is an example configuration file highlighting only the most common
    4. 

  4. # options. The filebeat.full.yml file from the same directory contains all the
    5. 

  5. # supported options with more comments. You can use it as a reference.
    6. 

  6. #
    7. 

  7. # You can find the full configuration reference here:
    8. 

  8. # https://www.elastic.co/guide/en/beats/filebeat/index.html
    9. 

  9. 

  10. #=========================== Filebeat prospectors =============================
    11. 

  11. 

  12. filebeat.prospectors:
    13. 

  13. 

  14. # Each - is a prospector. Most options can be set at the prospector level, so
    15. 

  15. # you can use different prospectors for various configurations.
    16. 

  16. # Below are the prospector specific configurations.
    17. 

  17. 

  18. - input_type: log
    19. 

  19. 

  20.   # Paths that should be crawled and fetched. Glob based paths.
    21. 

  21.   paths:
    22. 

  22.     - "/root/nginx/*.log"
    23. 

  23.     #- "/root/docker/*/*.log"
    24. 

  24.     #- "/root/php7/*.log"
    25. 

  25.     #- c:\programdata\elasticsearch\logs\*
    26. 

  26.   encoding: utf-8
    27. 

  27. 

  28.   # Exclude lines. A list of regular expressions to match. It drops the lines that are
    29. 

  29.   # matching any regular expression from the list.
    30. 

  30.   #exclude_lines: ["^DBG"]
    31. 

  31. 

  32.   # Include lines. A list of regular expressions to match. It exports the lines that are
    33. 

  33.   # matching any regular expression from the list.
    34. 

  34.   #include_lines: ["^ERR", "^WARN"]
    35. 

  35. 

  36.   # Exclude files. A list of regular expressions to match. Filebeat drops the files that
    37. 

  37.   # are matching any regular expression from the list. By default, no files are dropped.
    38. 

  38.   #exclude_files: [".gz$"]
    39. 

  39. 

  40.   # Optional additional fields. These field can be freely picked
    41. 

  41.   # to add additional information to the crawled log files for filtering
    42. 

  42.   #fields:
    43. 

  43.   #  level: debug
    44. 

  44.   #  review: 1
    45. 

  45. 

  46.   ### Multiline options
    47. 

  47. 

  48.   # Mutiline can be used for log messages spanning multiple lines. This is common
    49. 

  49.   # for Java Stack Traces or C-Line Continuation
    50. 

  50. 

  51.   # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
    52. 

  52.   #multiline.pattern: ^\[
    53. 

  53. 

  54.   # Defines if the pattern set under pattern should be negated or not. Default is false.
    55. 

  55.   #multiline.negate: false
    56. 

  56. 

  57.   # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
    58. 

  58.   # that was (not) matched before or after or as long as a pattern is not matched based on negate.
    59. 

  59.   # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
    60. 

  60.   #multiline.match: after
    61. 

  61. 

  62. 

  63. #================================ General =====================================
    64. 

  64. 

  65. # The name of the shipper that publishes the network data. It can be used to group
    66. 

  66. # all the transactions sent by a single shipper in the web interface.
    67. 

  67. #name:
    68. 

  68. 

  69. # The tags of the shipper are included in their own field with each
    70. 

  70. # transaction published.
    71. 

  71. #tags: ["service-X", "web-tier"]
    72. 

  72. 

  73. # Optional fields that you can specify to add additional information to the
    74. 

  74. # output.
    75. 

  75. #fields:
    76. 

  76. #  env: staging
    77. 

  77. 

  78. #================================ Outputs =====================================
    79. 

  79. 

  80. # Configure what outputs to use when sending the data collected by the beat.
    81. 

  81. # Multiple outputs may be used.
    82. 

  82. 

  83. #-------------------------- Elasticsearch output ------------------------------
    84. 

  84. output.elasticsearch:
    85. 

  85.   # Array of hosts to connect to.
    86. 

  86.   hosts: ["elk-es:9200"]
    87. 

  87. 

  88.   # Optional protocol and basic auth credentials.
    89. 

  89.   #protocol: "https"
    90. 

  90.   username: "elastic"
    91. 

  91.   password: "changeme"
    92. 

  92.   #index: "nginx-%{+yyyy.MM.dd}"
    93. 

  93.   #curl -XPUT 'http://elk-ek:9200/_ingest/pipeline/nginx-pipeline' -d@/work/pipeline.json
    94. 

  94.   #pipeline: "nginx-pipeline"
    95. 

  95. 

  96. #----------------------------- Logstash output --------------------------------
    97. 

  97. #output.logstash:
    98. 

  98.   # The Logstash hosts
    99. 

  99.   #hosts: ["elk-logstash:5044"]
    100. 

  100. 

  101.   # Optional SSL. By default is off.
    102. 

  102.   # List of root certificates for HTTPS server verifications
    103. 

  103.   #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
    104. 

  104. 

  105.   # Certificate for SSL client authentication
    106. 

  106.   #ssl.certificate: "/etc/pki/client/cert.pem"
    107. 

  107. 

  108.   # Client Certificate Key
    109. 

  109.   #ssl.key: "/etc/pki/client/cert.key"
    110. 

  110. 

  111. #================================ Logging =====================================
    112. 

  112. 

  113. # Sets log level. The default log level is info.
    114. 

  114. # Available log levels are: critical, error, warning, info, debug
    115. 

  115. #logging.level: debug
    116. 

  116. 

  117. # At debug level, you can selectively enable logging only for some components.
    118. 

  118. # To enable all selectors use ["*"]. Examples of other selectors are "beat",
    119. 

  119. # "publish", "service".
    120. 

  120. #logging.selectors: ["*"]
    121.