自学内容网 自学内容网
自学内容网 > 正文

rsyslog+filebeat

🕗 发布于 2024-02-18 17:14 centos  linux  运维  

##rsyslog

#### RULES ####
$template DynaFile,"/data/log/net/other/%FROMHOST-IP%_%$YEAR%-%$MONTH%-%$DAY%"
$template myformat,"%$NOW% %TIMESTAMP:8:15% %hostname% %syslogtag% %msg%\n"
$ActionFileDefaultTemplate myformat


$template hq,"/data/log/net/HQ/%FROMHOST-IP%_%$YEAR%-%$MONTH%-%$DAY%"
 


:fromhost-ip, isequal, "127.0.0.1" ?Local
& ~
:hostname,contains,"CC" ?cc
& ~
:hostname,startswith,"HQ" ?hq
& ~
:syslogtag,startswith,"HQ" ?hq
& ~

:FROMHOST-IP,startswith,"10.32.4." ?hq
& ~
:FROMHOST-IP,startswith,"10.32.5" ?hq
& ~

*.*                                                     -?DynaFile
& ~

##filebeat

cat /etc/yum.repos.d/filebeat.repo
[filebeat]

name=Elasticsearch repository for 88888888.x packages

baseurl=https://artifacts.elastic.co/packages/8.x/yum

gpgcheck=0

gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch

enabled=1

autorefresh=1

type=rpm-md

#

 yum install filebeat -y 

#


原文地址:https://blog.csdn.net/MrZhangTS/article/details/136145769

免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!

相关文章

自学内容网
Copyright © 2015-2024