Kawika's SRE/Devops Blog

Deliver – Measure – Grow

Menu

  • Home
  • About
  • Contact

logstash

You are here: Kawika's SRE/Devops Blog > logstash

Logstash Filter OTD : NGiNX Access Log

In today’s Logstash Filter Of The Day, we look at encoding NGiNX access logs into JSON. To save the default NGiNX log format into Elasticsearch requires transcoding it to JSON. Read this post to learn how to format your logs

Kawika Ohumukini April 7, 2020April 9, 2020 Logstash Read more

Automating Logstash Configurations With Consul-Template

Consul and Consul-Template are two powerful tools for updating server files and executing a command after the file has been updated. This makes it a great and lightweight tool for managing configuration files for applications that need to reload or restart after

Kawika Ohumukini August 15, 2018April 7, 2020 DevOps Read more

Recent Posts

  • Logstash Filter OTD : NGiNX Access Log
  • NGiNX JSON Access Log
  • Which Elasticsearch Analyzer for the job?
  • Elasticsearch _source field
  • Elasticsearch Index Templates

Categories

  • DevOps
  • Elasticsearch
  • Logstash
  • Miscellaneous
  • One-Liners

Recent Posts

  • Logstash Filter OTD : NGiNX Access Log

    Logstash Filter OTD : NGiNX Access Log

  • NGiNX JSON Access Log

    NGiNX JSON Access Log

  • Which Elasticsearch Analyzer for the job?

    Which Elasticsearch Analyzer for the job?

Pages

  • Home
  • Contact Me
  • Miscellaneous

Contact

  • Kawika Ohumukini
  • San Diego | CA | USA
  • Email: kawikao@kickin6.com

Copyright © 2020 Kawika's SRE/Devops Blog

  • Home
  • Contact Me
  • Miscellaneous
Logstash Default Template 
{
  "order": 0,
  "version": 60001,
  "index_patterns": [
    "logstash-*"
  ],
  "settings": {
    "index": {
      "number_of_shards": "1",
      "refresh_interval": "5s"
    }
  },
  "mappings": {
    "dynamic_templates": [
      {
        "message_field": {
          "path_match": "message",
          "mapping": {
            "norms": false,
            "type": "text"
          },
          "match_mapping_type": "string"
        }
      },
      {
        "string_fields": {
          "mapping": {
            "norms": false,
            "type": "text",
            "fields": {
              "keyword": {
                "ignore_above": 256,
                "type": "keyword"
              }
            }
          },
          "match_mapping_type": "string",
          "match": "*"
        }
      }
    ],
    "properties": {
      "@timestamp": {
        "type": "date"
      },
      "geoip": {
        "dynamic": true,
        "properties": {
          "ip": {
            "type": "ip"
          },
          "latitude": {
            "type": "half_float"
          },
          "location": {
            "type": "geo_point"
          },
          "longitude": {
            "type": "half_float"
          }
        }
      },
      "@version": {
        "type": "keyword"
      }
    }
  },
  "aliases": {}
}