docker run -d --rm -v ./filebeat.yml:/usr/share/filebeat/filebeat.yml -v /var/log:/var/log  docker.elastic.co/beats/filebeat:6.1.1


###################### Filebeat Configuration Example #########################

# This file is an example configuration file highlighting only the most common
# options. The filebeat.full.yml file from the same directory contains all the
# supported options with more comments. You can use it as a reference.
#
# You can find the full configuration reference here:
# https://www.elastic.co/guide/en/beats/filebeat/index.html #=========================== Filebeat prospectors ============================= filebeat.prospectors: # Each - is a prospector. Most options can be set at the prospector level, so
# you can use different prospectors for various configurations.
# Below are the prospector specific configurations. - input_type: log
# Paths that should be crawled and fetched. Glob based paths.
paths:
- /var/log/**/*.log #- c:\programdata\elasticsearch\logs\* # Exclude lines. A list of regular expressions to match. It drops the lines that are
# matching any regular expression from the list.
#exclude_lines: ["^DBG"] # Include lines. A list of regular expressions to match. It exports the lines that are
# matching any regular expression from the list.
#include_lines: ["^ERR", "^WARN"] # Exclude files. A list of regular expressions to match. Filebeat drops the files that
# are matching any regular expression from the list. By default, no files are dropped.
# exclude_files: [".gz$"] # Optional additional fields. These field can be freely picked
# to add additional information to the crawled log files for filtering
#fields:
# level: debug
# review: 1 ### Multiline options # Mutiline can be used for log messages spanning multiple lines. This is common
# for Java Stack Traces or C-Line Continuation # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
multiline.pattern: ^\[ # Defines if the pattern set under pattern should be negated or not. Default is false.
multiline.negate: false # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
# that was (not) matched before or after or as long as a pattern is not matched based on negate.
# Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
multiline.match: after #================================ General ===================================== # The name of the shipper that publishes the network data. It can be used to group
# all the transactions sent by a single shipper in the web interface.
name: "storm" # The tags of the shipper are included in their own field with each
# transaction published.
tags: ["storm", "web-tier"] # Optional fields that you can specify to add additional information to the
# output.
#fields:
# env: TonyBen
# Set to false to disable template loading. # Configure what outputs to use when sending the data collected by the beat.
# Multiple outputs may be used. #-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
# Array of hosts to connect to.
hosts: ["pet-cloud01:9200","pet-cloud01:9201"]
indices:
- index: "filebeat-%{[beat.name]}-%{[beat.version]}-%{+yyyy.MM.dd}"
# when.contains:
# source: "mongo"
#index: "storm1"
# Optional protocol and basic auth credentials.
#protocol: "https"
#username: "elastic"
#password: "changeme" #----------------------------- Logstash output --------------------------------
#output.logstash:
# The Logstash hosts
# hosts: ["172.23.46.21:5000"]
# index: "storm"
# Optional SSL. By default is off.
# List of root certificates for HTTPS server verifications
#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] # Certificate for SSL client authentication
#ssl.certificate: "/etc/pki/client/cert.pem" # Client Certificate Key
#ssl.key: "/etc/pki/client/cert.key" #================================ Logging ===================================== # Sets log level. The default log level is info.
# Available log levels are: critical, error, warning, info, debug
logging.level: debug # At debug level, you can selectively enable logging only for some components.
# To enable all selectors use ["*"]. Examples of other selectors are "beat",
# "publish", "service".
#logging.selectors: ["*"]

filebeat configure的更多相关文章

  1. 国产深度学习框架mindspore-1.3.0 gpu版本无法进行源码编译

    官网地址: https://www.mindspore.cn/install 所有依赖环境 进行sudo make install 安装,最终报错: 错误记录信息: cat     /tmp/mind ...

  2. 快速搭建应用服务日志收集系统(Filebeat + ElasticSearch + kibana)

    快速搭建应用服务日志收集系统(Filebeat + ElasticSearch + kibana) 概要说明 需求场景,系统环境是CentOS,多个应用部署在多台服务器上,平时查看应用日志及排查问题十 ...

  3. filebeat.yml(中文配置详解)

    ################### Filebeat Configuration Example ######################### ####################### ...

  4. 0415关于通过FILEBEAT,LOGSTASH,ES,KIBNA实现数据的采集

    如何通过FILEBEAT,LOGSTASH,ES,KIBNA实现数据的采集总体参考网址:https://www.olinux.org.cn/elk/1157.html官方网址:https://www. ...

  5. 2-3、配置Filebeat

    配置Filebeat 提示:Filebeat modules为常见的日志格式提供了最快的入门操作. 如果要使用Filebeat模块,请跳过本节,包括剩余的入门步骤,并直接转到快速入门:Quick st ...

  6. 2-1、FileBeat入门

    FileBeat入门 要开始使用Filebeat设置,请安装并配置相关产品: 用于存储和索引数据的Elasticsearch. 用户界面的Kibana. 用于解析和增强数据的Logstash(可选). ...

  7. ElasticSearch+Logstash+Filebeat+Kibana集群日志管理分析平台搭建

    一.ELK搜索引擎原理介绍 在使用搜索引擎是你可能会觉得很简单方便,只需要在搜索栏输入想要的关键字就能显示出想要的结果.但在这简单的操作背后是搜索引擎复杂的逻辑和许多组件协同工作的结果. 搜索引擎的组 ...

  8. ELK部署详解--filebeat

    filebeat.yml ###################### Filebeat Configuration Example ######################### # This ...

  9. elk + filebeat,6.3.2版本简单搭建,实现我们自己的集中式日志系统

    前言 刚从事开发那段时间不习惯输出日志,认为那是无用功,徒增代码量,总认为自己的代码无懈可击:老大的叮嘱.强调也都视为耳旁风,最终导致的结果是我加班排查问题,花的时间还挺长的,要复现问题.排查问题等, ...

随机推荐

  1. 【转】转载一篇优质的讲解epoll模型的文章

    从事服务端开发,少不了要接触网络编程.Epoll 作为 Linux 下高性能网络服务器的必备技术至关重要,Nginx.Redis.Skynet 和大部分游戏服务器都使用到这一多路复用技术. Epoll ...

  2. [Cometoj#3 B]棋盘_状压dp

    棋盘 题目链接:https://cometoj.com/contest/38/problem/B?problem_id=1535 数据范围:略. 题解: 因为行数特别小,所以$dp$的时候可以状压起来 ...

  3. lua 模块与包(五)

    一.模块的介绍 模块类似于1个封装库,从Lua 5.1 开始,Lua加入了标准的模块管理机制,可以把一些公用的代码放在一个文件里,以API接口的形式在其他地方调用,用利于代码的重用和降低代码的耦合度. ...

  4. [转帖]中国新超算彻底告别进口CPU 国产芯片已可与国外抗衡

    中国新超算彻底告别进口CPU 国产芯片已可与国外抗衡 蓝天·2017-10-17·本土IC 来源: 观察者网 https://www.laoyaoba.com/html/news/newsdetail ...

  5. nginx+uwsgi02---django部署(不推荐)

    1.文件结构 myweb/ ├── manage.py ├── myweb/ │ ├── __init__.py │ ├── settings.py │ ├── urls.py │ └── wsgi. ...

  6. Python解Leetcode: 1. Two Sum

    题目描述:求出数组中等于目标值的两个数的索引,假定肯定存在两个数并且同一个索引上的数不能用两次. 思路: 用空间换时间,使用一个字典存储已经遍历的数字的索引,如果新遍历的数字和target的差值在字典 ...

  7. 多线程学习:win32多线程编程基本概念(转)

    一.定义: 1.进程和线程的区别 进程:是程序的执行过程,具有动态性,即运行的程序就叫进程,不运行就叫程序 ,每个进程包含一到多个线程.线程:系统中的最小执行单元,同一进程中有多个线程,线程可以共享资 ...

  8. VMware永久key

    VMware永久KEY:5F29M-48312-8ZDF9-A8A5K-2AM0Z

  9. javaIO——AutoCloseable 小试

    前面在 IO 概述篇提到过,AutoCloseable 接口类会自动调用 close() 方法,那究竟具体怎么写呢?以及发生异常情况下或者多个资源是不是都能自动调用呢?我们来写一个简单的类测试一下就知 ...

  10. javaIO——PipedReader & PipedWriter

    1. 概述: PipedReader 和 PipedWriter,意为管道读写流.所谓管道,那就是有进有出,所以这也是它们跟其它流对象最显著的区别:PipedReader和PipedWriter必须成 ...