zabbix 插件使用问题
[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf
Settings: Default pipeline workers: 8
Pipeline main started
31`31`
ArgumentError: comparison of String with 5 failed
>= at org/jruby/RubyComparable.java:155
>= at org/jruby/RubyString.java:1853
output_func at (eval):138
output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293
each at org/jruby/RubyArray.java:1613
inject at org/jruby/RubyEnumerable.java:852
output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287
worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232
start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201
[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf
Settings: Default pipeline workers: 8
Pipeline main started
ddsad
ArgumentError: comparison of String with 5 failed
>= at org/jruby/RubyComparable.java:155
>= at org/jruby/RubyString.java:1853
output_func at (eval):138
output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293
each at org/jruby/RubyArray.java:1613
inject at org/jruby/RubyEnumerable.java:852
output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287
worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232
start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201
[elk@dr-mysql01 frontend]$ ^C
[elk@dr-mysql01 frontend]$ vim std02.conf
[elk@dr-mysql01 frontend]$ vim std02.conf
[elk@dr-mysql01 frontend]$ cat std02.conf
input {
stdin {
type => "zj_scan"
} }
filter {
grok {
match =>[
"message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",
"message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",
"message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)" ]
}
geoip {
source => "http_x_forwarded_for"
target => "geoip"
database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"
add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ]
}
mutate {
convert => [ "[geoip][coordinates]", "float"]
convert => [ "request_time", "float"]
add_field =>["response_time","%{request_time}"]
convert => [ "response_time", "float"]
add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]
add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]
add_field =>["messager","%{type}%{message}"]
remove_field =>["request_time"]
remove_field =>["message"] }
date {
match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]
}
}
output {
stdout {
codec => rubydebug
}
# if [response_time] >= 5 {
# zabbix {
# zabbix_host => "[@metadata][zabbix_host]"
# zabbix_key => "[@metadata][zabbix_key]"
# zabbix_server_host => "192.168.32.55"
# zabbix_server_port => "10051"
# zabbix_value => "messager"
# }
# }
}
[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf
Settings: Default pipeline workers: 8
Pipeline main started
121
{
"@version" => "1",
"@timestamp" => "2016-09-27T05:40:46.547Z",
"type" => "zj_scan",
"host" => "dr-mysql01.zjcap.com",
"tags" => [
[0] "_grokparsefailure"
],
"response_time" => "%{request_time}",
"messager" => "zj_scan121"
} 加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录
zabbix 插件使用问题的更多相关文章
- logstash tomcat catalina.out zabbix 插件不会引起崩溃
input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...
- logstash 安装zabbix插件
<pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...
- centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件
获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...
- Logstash zabbix 插件
zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...
- 使用Zabbix监控Oracle数据库
Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...
- 给zabbix穿一件漂亮的衣服
推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...
- Grafana + Zabbix --- 部署分布式监控系统
阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...
- zabbix利用orabbix监控oracle
Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...
- Docker部署Zabbix+Grafana监控
Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...
随机推荐
- python_Opencv_处理鼠标事件
流程: 首先,创建一个鼠标事件回调函数,当鼠标事件发生时就会被执行. 鼠标事件可以是鼠标上的任何动作,比如左键按下,左键松开,左键双击等. 我们可以通过鼠标事件获得与鼠标对应的图片上的坐标. 根据这些 ...
- 手机端H5点击类目自动定位到相应内容
_obj = {}; /*点击弹出分类*/_obj.openZZ=function(){ document.getElementById("app_screen01").style ...
- SheetOffice控件使用分享
1. 控件属性及说明 Template:套用的模板目录(套用模板会使用到) 模板中必须包含书签: Body,这个是在代码中写死了的,是把当前文档的内容插入到模板的Body书签中. 如果使用印章,必须 ...
- android 反纠结app开发: 在线程中更新view
大体上想实现一个思路: 对一个view 的内容进行不停地变化, 通过按钮停止这种变化,以达到随机选择的目的. 开发过程中 使用textview 模拟, 建立线程 mythread = new Thr ...
- Ubuntu + Win7 双系统 重装win7后进入不了Ubuntu
机子上先有win7,然后装Ubuntu,装完Ubuntu后,开机进入Ub开机界面,里面有ubuntu,win7 loader(启动项),选择win7启动后就出现读盘错误. 天,我怎么能修复好这双系统启 ...
- eclipse中新建maven项目
maven是个项目管理工具,集各种功能于一身,下面介绍maven web项目在eclipse种的配置,并于tomcat集成.配置成功后,可以跟一般的web项目一样调试. 一.准备条件 1.安装下载jd ...
- js中widow.open()方法详解
一. window.open() 支持环境: JavaScript1.0+/JScript1.0+/Nav2+/IE3+/Opera3+ 二.基本语法: window.open(pageURL,nam ...
- android改动tab 导航 指示器颜色
我事实上想改动的上面的蓝色条条,改成红色. 这个问题实在是困扰我了太长时间.之前參照google的这个文章: https://developer.android.com/training/basics ...
- [Redux] Avoiding Array Mutations with concat(), slice(), and ...spread
For Redux, you cannot use mutable methods like push, splice. Need to use immutable methods such as c ...
- Creating a Swap Partition
Creating a Swap Partition 1. Use fdisk /dev/vda to open your disk in fdisk. (Use gdisk if you ar ...