[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

31`31`

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

ddsad

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ^C

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ cat std02.conf

input {

    stdin {

      type => "zj_scan"

    }

}

filter {

    grok {

            match =>[

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)"

        ]

    }

       geoip {

                        source => "http_x_forwarded_for"

                        target => "geoip"

                        database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"

                        add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]

                        add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]

                }

                mutate {

                        convert => [ "[geoip][coordinates]", "float"]

                        convert => [ "request_time", "float"]

                       add_field =>["response_time","%{request_time}"]

                        convert => [ "response_time", "float"]

                        add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]

                       add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]

                       add_field =>["messager","%{type}%{message}"]

                        remove_field =>["request_time"]

                        remove_field =>["message"]

                }

              date {

        match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]

    }

}

output {

        	stdout {

			codec => rubydebug

		}

#        if [response_time] >= 5  {

#          zabbix {

#                zabbix_host => "[@metadata][zabbix_host]"

#                zabbix_key => "[@metadata][zabbix_key]"

#        zabbix_server_host => "192.168.32.55"

#        zabbix_server_port => "10051"

#                zabbix_value => "messager"

#        }

# }

}

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

121

{

         "@version" => "1",

       "@timestamp" => "2016-09-27T05:40:46.547Z",

             "type" => "zj_scan",

             "host" => "dr-mysql01.zjcap.com",

             "tags" => [

        [0] "_grokparsefailure"

    ],

    "response_time" => "%{request_time}",

         "messager" => "zj_scan121"

}

加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录

zabbix 插件使用问题的更多相关文章

  1. logstash tomcat catalina.out zabbix 插件不会引起崩溃

    input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...

  2. logstash 安装zabbix插件

    <pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...

  3. centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件

    获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...

  4. Logstash zabbix 插件

    zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...

  5. 使用Zabbix监控Oracle数据库

    Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...

  6. 给zabbix穿一件漂亮的衣服

    推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...

  7. Grafana + Zabbix --- 部署分布式监控系统

    阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient  --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...

  8. zabbix利用orabbix监控oracle

    Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...

  9. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

随机推荐

  1. Java中对象的上转型对象

    1. 定义 如果B类是A类的子类或间接子类,当用B类创建对象b并将这个对象b的引用赋给A类对象a时,如: A a;a = new B();ORA a;B b = new B();a = b; 则称A类 ...

  2. Object-C变量作用域 -- 笔记

    @interface Dog: NSObject { @public int age; @protected int ID; @Private float price; } @end 字段作用域解析: ...

  3. paip.gch预编译头不生效的原因以及解决:

    paip.gch预编译头不生效的原因以及解决: 作者Attilax ,  EMAIL:1466519819@qq.com 来源:attilax的专栏 地址:http://blog.csdn.net/a ...

  4. 详述iOS国际化

    在真正将国际化实践前,只知道通过NSLocalizedString方法将相应语言的字符串加载进来即可.但最近公司项目的新需求增加英文版本,并支持应用内无死角切换~,这才跳过各种坑实现了应用内切换语言, ...

  5. Linux应用程序打包

      原文地址:http://blog.solrex.cn/articles/packaging-1-src.html1. 应用程序打包技术之一(源代码篇) 相信很多朋友都曾经为方便做某件事写过自己的小 ...

  6. Spring Remoting by HTTP Invoker Example--reference

    Spring provides its own implementation of remoting service known as HttpInvoker. It can be used for ...

  7. 3_Linux_文件搜索指令

    .3文件搜索命令 1)which 查找一个命令所在的路径 whereis 提供命令的帮助文件的信息 whatis 显示命令的概要信息whatis ls which提供命令的别名信息 2)find,基本 ...

  8. HDU 5139 Formula 卡内存

    题目就是求这个 n达到10^7,测试数据组数为10^5 为了防止TLE,一开始把每个n对应的值先求出来,但发现竟然开不了10^7的数组(MLE),然后就意识到这是第一道卡内存的题目... 只能离线做, ...

  9. 【网络流#3】hdu 1532 - Dinic模板题

    输入为m,n表示m条边,n个结点 记下来m行,每行三个数,x,y,c表示x到y的边流量最大为c 这道题的模板来自于网络 http://blog.csdn.net/sprintfwater/articl ...

  10. java05 选择结构

    public static void main(String[] args) { /* * 张浩Java成绩大于90分,老师奖励他iPhone5 ,该怎么做呢? */ Scanner scanner= ...