logstash_01 / json

ELK/elasticsearch

logstash_01 / json

파아랑새 2019. 10. 19. 13:36

input {
  stdin {}
}

filter {
  json {
    source => "message"
  }
  mutate {
    remove_field => ["path", "@version", "message", "host", "@timestamp"]
  }
}

output {
  stdout {
    codec => rubydebug { }
  }
  elasticsearch {
    hosts => "192.168.240.183:9200"
    index => "kim"
    document_type => "_doc"
  }
}