[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

31`31`

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

ddsad

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ^C

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ cat std02.conf

input {

    stdin {

      type => "zj_scan"

    }

}

filter {

    grok {

            match =>[

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)"

        ]

    }

       geoip {

                        source => "http_x_forwarded_for"

                        target => "geoip"

                        database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"

                        add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]

                        add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]

                }

                mutate {

                        convert => [ "[geoip][coordinates]", "float"]

                        convert => [ "request_time", "float"]

                       add_field =>["response_time","%{request_time}"]

                        convert => [ "response_time", "float"]

                        add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]

                       add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]

                       add_field =>["messager","%{type}%{message}"]

                        remove_field =>["request_time"]

                        remove_field =>["message"]

                }

              date {

        match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]

    }

}

output {

        	stdout {

			codec => rubydebug

		}

#        if [response_time] >= 5  {

#          zabbix {

#                zabbix_host => "[@metadata][zabbix_host]"

#                zabbix_key => "[@metadata][zabbix_key]"

#        zabbix_server_host => "192.168.32.55"

#        zabbix_server_port => "10051"

#                zabbix_value => "messager"

#        }

# }

}

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

121

{

         "@version" => "1",

       "@timestamp" => "2016-09-27T05:40:46.547Z",

             "type" => "zj_scan",

             "host" => "dr-mysql01.zjcap.com",

             "tags" => [

        [0] "_grokparsefailure"

    ],

    "response_time" => "%{request_time}",

         "messager" => "zj_scan121"

}

加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录

zabbix 插件使用问题的更多相关文章

  1. logstash tomcat catalina.out zabbix 插件不会引起崩溃

    input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...

  2. logstash 安装zabbix插件

    <pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...

  3. centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件

    获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...

  4. Logstash zabbix 插件

    zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...

  5. 使用Zabbix监控Oracle数据库

    Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...

  6. 给zabbix穿一件漂亮的衣服

    推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...

  7. Grafana + Zabbix --- 部署分布式监控系统

    阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient  --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...

  8. zabbix利用orabbix监控oracle

    Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...

  9. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

随机推荐

  1. vbs自学备份

    最小化所有窗口: Set obj = CreateObject("Shell.Application")obj.MinimizeAll 最小化某窗口: Const strTitle ...

  2. AngularJS clone directive 指令复制

    需求背景:         directive模块化某表单信息,但表单信息可加入多条.此时就涉及到clone directive. 解决方式:         能够通过使用angularjs中$com ...

  3. 招一位安防软件project师,嵌入式开发project师

    岗位职责 1.负责海思平台IPC产品应用层软件设计及维护 2.私有平台协议对接及为第三方提供技术支持. 任职资格: 1.较强的学习.领悟能力,能够高速熟悉公司现有代码. 2.熟练掌握C.C++开发语言 ...

  4. Java Numeric Formatting--reference

    I can think of numerous times when I have seen others write unnecessary Java code and I have written ...

  5. Qt Linux 使用QJson库

    1. 下载 到http://dl.oschina.net/soft/qjson下载库源文件: qjson-0.8.1-1385961227890.zip 解压为:qjson-0.8.1 2. 编译 c ...

  6. iText

    iText是著名的开放项目,是用于生成PDF文档的一个java类库.通过iText不仅可以生成PDF或rtf的文档,而且可以将XML.Html文件转化为PDF文件. 官方网站:http://itext ...

  7. 启动android程序报错

    提示错误如下: The connection to adb is down, and a severe error has occured. [2010-03-11 09:36:56 - HelloO ...

  8. 向ASP.NET服务器控件中嵌入CSS资源

    Step1:于[项目解决方案]中右键新建[ASP.NET服务器控件]项目 Step2:于项目中添加[Resources]文件夹,于该文件夹下添加[CSS文件] Step3:单击该CSS文件,并将[属性 ...

  9. dropdownlist 二级联动

    protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { GradeBind(); } } //绑定 ...

  10. gitHub项目框架使用排名

    项目名称 项目简介                                  使用心得                1. react-native 这 个是 Facebook 在 React ...