[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

31`31`

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

ddsad

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ^C

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ cat std02.conf

input {

    stdin {

      type => "zj_scan"

    }

}

filter {

    grok {

            match =>[

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)"

        ]

    }

       geoip {

                        source => "http_x_forwarded_for"

                        target => "geoip"

                        database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"

                        add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]

                        add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]

                }

                mutate {

                        convert => [ "[geoip][coordinates]", "float"]

                        convert => [ "request_time", "float"]

                       add_field =>["response_time","%{request_time}"]

                        convert => [ "response_time", "float"]

                        add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]

                       add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]

                       add_field =>["messager","%{type}%{message}"]

                        remove_field =>["request_time"]

                        remove_field =>["message"]

                }

              date {

        match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]

    }

}

output {

        	stdout {

			codec => rubydebug

		}

#        if [response_time] >= 5  {

#          zabbix {

#                zabbix_host => "[@metadata][zabbix_host]"

#                zabbix_key => "[@metadata][zabbix_key]"

#        zabbix_server_host => "192.168.32.55"

#        zabbix_server_port => "10051"

#                zabbix_value => "messager"

#        }

# }

}

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

121

{

         "@version" => "1",

       "@timestamp" => "2016-09-27T05:40:46.547Z",

             "type" => "zj_scan",

             "host" => "dr-mysql01.zjcap.com",

             "tags" => [

        [0] "_grokparsefailure"

    ],

    "response_time" => "%{request_time}",

         "messager" => "zj_scan121"

}

加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录

zabbix 插件使用问题的更多相关文章

  1. logstash tomcat catalina.out zabbix 插件不会引起崩溃

    input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...

  2. logstash 安装zabbix插件

    <pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...

  3. centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件

    获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...

  4. Logstash zabbix 插件

    zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...

  5. 使用Zabbix监控Oracle数据库

    Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...

  6. 给zabbix穿一件漂亮的衣服

    推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...

  7. Grafana + Zabbix --- 部署分布式监控系统

    阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient  --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...

  8. zabbix利用orabbix监控oracle

    Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...

  9. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

随机推荐

  1. 手机端H5点击类目自动定位到相应内容

    _obj = {}; /*点击弹出分类*/_obj.openZZ=function(){ document.getElementById("app_screen01").style ...

  2. linux杂谈(二十):apache服务配置

    1.apache简单介绍 ​ ​我们常常要浏览网页,提供这种服务是apache.提供apache服务的软件是httpd服务. ​ ​Apache支持許多特性,大部分通过编译的模块实现.這些特性從伺服器 ...

  3. [AngularJS] Services, Factories, and Providers -- Service vs Factory

    Creating a Service: Before actual create an angular service, first create a constructor in Javascrip ...

  4. C#截图操作方法大全

    using System.Drawing; using System.Windows.Forms; namespace WindowsFormsApplication1 { class ScreenC ...

  5. Java基础知识强化81:Math类random()方法之获取任意范围的随机数案例(面试题)

    1. 需求:设计一个方法,可以实现获取任意范围内的随机数 分析:使用方法random()如下: public static double random() 注:Returns a pseudo-ran ...

  6. yii gridview columns value 内容如何换行 & 链接

    array( 'header' => '返回的服务器信息', 'name' => 'return_server_info', 'value' => 'str_replace(&quo ...

  7. wpf的学习日志(一)

    今天开始学习wpf,从xaml的布局开始 stackpanel布局:Orientation决定布局的横向还是纵向,HorizontalAlignment决定布局的对齐 <StackPanel O ...

  8. webform repeater

    repeater:由模板构成,解析后模板就不存在了             需要指定数据源进行数据绑定 List<Fruit> list = new FruitDA().Select(); ...

  9. CSS3 过滤

    CSS3 过滤 通过CSS3,我们可以在不适用flash动画或JavaScript的情况下,当元素从一种样式变换为另一种样式时为元素添加效果. 浏览器支持 属性 浏览器支持 transition   ...

  10. 查看SQL server服务名

    net start MSSQL$SQLEXPRESS 启动服务命令 net stop MSSQL$SQLEXPRESS 关闭服务命令 网上看到的那些 我都用不了 最后想起了这个 现在好了