[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

31`31`

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

ddsad

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ^C

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ cat std02.conf

input {

    stdin {

      type => "zj_scan"

    }

}

filter {

    grok {

            match =>[

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)"

        ]

    }

       geoip {

                        source => "http_x_forwarded_for"

                        target => "geoip"

                        database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"

                        add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]

                        add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]

                }

                mutate {

                        convert => [ "[geoip][coordinates]", "float"]

                        convert => [ "request_time", "float"]

                       add_field =>["response_time","%{request_time}"]

                        convert => [ "response_time", "float"]

                        add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]

                       add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]

                       add_field =>["messager","%{type}%{message}"]

                        remove_field =>["request_time"]

                        remove_field =>["message"]

                }

              date {

        match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]

    }

}

output {

        	stdout {

			codec => rubydebug

		}

#        if [response_time] >= 5  {

#          zabbix {

#                zabbix_host => "[@metadata][zabbix_host]"

#                zabbix_key => "[@metadata][zabbix_key]"

#        zabbix_server_host => "192.168.32.55"

#        zabbix_server_port => "10051"

#                zabbix_value => "messager"

#        }

# }

}

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

121

{

         "@version" => "1",

       "@timestamp" => "2016-09-27T05:40:46.547Z",

             "type" => "zj_scan",

             "host" => "dr-mysql01.zjcap.com",

             "tags" => [

        [0] "_grokparsefailure"

    ],

    "response_time" => "%{request_time}",

         "messager" => "zj_scan121"

}

加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录

zabbix 插件使用问题的更多相关文章

  1. logstash tomcat catalina.out zabbix 插件不会引起崩溃

    input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...

  2. logstash 安装zabbix插件

    <pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...

  3. centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件

    获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...

  4. Logstash zabbix 插件

    zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...

  5. 使用Zabbix监控Oracle数据库

    Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...

  6. 给zabbix穿一件漂亮的衣服

    推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...

  7. Grafana + Zabbix --- 部署分布式监控系统

    阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient  --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...

  8. zabbix利用orabbix监控oracle

    Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...

  9. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

随机推荐

  1. VC —— 笔记汇总

    导读 本文仅用于记录在个人在使用VC++过程中的遇到一些的问题和相关概念. 目录 开发环境 实践记录 MFC相关 windows编程相关 1.开发环境 1.Visual C++ 官方网站 主要内容:V ...

  2. SVN在Android Studio中的配置

    在AndroidStudio中开发版本控制,除了Git就是SVN,和Eclipse不同Android Studio没有提供单独的插件,只能和SVN客户端关联使用,和Eclipse安装有很大区别,下面介 ...

  3. 【转】Android onTouch()和onTouchEvent()区别

    1.onTouch()方法: onTouch方式是View的OnTouchListener接口中定义的方法. 当一个View绑定了OnTouchListener后,当有Touch事件触发时,就会调用o ...

  4. where子句的具体含义

    今天同学让我帮他调代码,下面是出错的那句: txtSQL= "select * from student_Info where UserID='" & cboUserID. ...

  5. TCP服务器:多进程

    代码: server: #include<netinet/in.h> #include<sys/socket.h> #include<sys/wait.h> #in ...

  6. Remember the Word,LA3942(Trie树+DP)

    Trie树基础题,记录下代码. #include <cstdio> #include <cstring> #define MaxNode 4005*100 #define No ...

  7. Mounting File Systems

    1.Mounting File Systems Just creating a partition and putting a file system on it is not enough to s ...

  8. centos5.5上apache快速安装H264流媒体支持MP4-H264边下边播

    2013年的某一天,客户反馈北京同事做的广告视频下载速度好慢,几MB的视频在手机上要下载接近一分钟才能开始播放. 我分析后发现两点:1)托管的服务器没支持流媒体:2)广告视频MP4并非流媒体格式. 对 ...

  9. repeater 分页显示数据

    表名:ChinaStates 控件:Repeater 查询代码DA: public class ChinaStatesDA { private DataClassesDataContext Conte ...

  10. JQuery 操作基本控件

    根据控件的样式class获取控件 $(".className")......          //className代表的就是控件的样式 根据控件的ID获取控件 $(" ...