[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

31`31`

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

ddsad

ArgumentError: comparison of String with 5 failed

             >= at org/jruby/RubyComparable.java:155

             >= at org/jruby/RubyString.java:1853

    output_func at (eval):138

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:293

           each at org/jruby/RubyArray.java:1613

         inject at org/jruby/RubyEnumerable.java:852

   output_batch at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:287

    worker_loop at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:232

  start_workers at /usr/local/logstash-2.3.4/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:201

[elk@dr-mysql01 frontend]$ ^C

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ vim std02.conf

[elk@dr-mysql01 frontend]$ cat std02.conf

input {

    stdin {

      type => "zj_scan"

    }

}

filter {

    grok {

            match =>[

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)",

             "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} (?<http_url>\S+)\s+HTTP/%{NUMBER:httpversion}\"\s+\-\s+%{NUMBER:http_status_code}\s+%{NUMBER:bytes}\s+\"\-\"\s+\"(?<http_user_agent>(\S+))\"\s+(%{BASE16FLOAT:request_time})\s+(%{IPORHOST:http_x_forwarded_for}|-)"

        ]

    }

       geoip {

                        source => "http_x_forwarded_for"

                        target => "geoip"

                        database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat"

                        add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]

                        add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]

                }

                mutate {

                        convert => [ "[geoip][coordinates]", "float"]

                        convert => [ "request_time", "float"]

                       add_field =>["response_time","%{request_time}"]

                        convert => [ "response_time", "float"]

                        add_field => [ "[@metadata][zabbix_key]" , "logstash-api-access" ]

                       add_field => [ "[@metadata][zabbix_host]" , "dr-mysql01" ]

                       add_field =>["messager","%{type}%{message}"]

                        remove_field =>["request_time"]

                        remove_field =>["message"]

                }

              date {

        match => ["time", "dd/MMM/yyyy:HH:mm:ss Z"]

    }

}

output {

        	stdout {

			codec => rubydebug

		}

#        if [response_time] >= 5  {

#          zabbix {

#                zabbix_host => "[@metadata][zabbix_host]"

#                zabbix_key => "[@metadata][zabbix_key]"

#        zabbix_server_host => "192.168.32.55"

#        zabbix_server_port => "10051"

#                zabbix_value => "messager"

#        }

# }

}

[elk@dr-mysql01 frontend]$ ../../bin/logstash -f std02.conf

Settings: Default pipeline workers: 8

Pipeline main started

121

{

         "@version" => "1",

       "@timestamp" => "2016-09-27T05:40:46.547Z",

             "type" => "zj_scan",

             "host" => "dr-mysql01.zjcap.com",

             "tags" => [

        [0] "_grokparsefailure"

    ],

    "response_time" => "%{request_time}",

         "messager" => "zj_scan121"

}

加载zabbix 插件后,只要匹配不上 logstash就会挂掉,不会打印匹配不上的记录

zabbix 插件使用问题的更多相关文章

  1. logstash tomcat catalina.out zabbix 插件不会引起崩溃

    input { file { type => "zj_api" path => ["/data01/applog_backup/zjzc_log/zj-api ...

  2. logstash 安装zabbix插件

    <pre name="code" class="html">[root@xxyy yum.repos.d]# yum install ruby Lo ...

  3. centos7.4_x86_64安装grafana5.2.1并安装常用zabbix插件

    获取并安装grafana5.2.1# wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-5.2.1-1. ...

  4. Logstash zabbix 插件

    zabbix 监控 logstash 安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib- ...

  5. 使用Zabbix监控Oracle数据库

    Orabbix介绍 监控Oracle数据库我们需要安装第三方提供的Zabbix插件,我们先测试比较有名的Orabbix,http://www.smartmarmot.com/product/orabb ...

  6. 给zabbix穿一件漂亮的衣服

    推荐给zabbix穿上一件漂亮的衣服,安装Grafana推荐连接:http://www.myexception.cn/software-testing/2008870.html yum install ...

  7. Grafana + Zabbix --- 部署分布式监控系统

    阅读目录: 1. 关闭防火墙 2. 安装Zabbix下载源 3. ZabbixClient  --- 安装zabbix-agent代理 4. ZabbixServer --- 安装zabbix-ser ...

  8. zabbix利用orabbix监控oracle

    Orabbix 是一个用来监控 Oracle 数据库实例的 Zabbix 插件.(插件安装在zabbix-server端) 下载地址:http://www.smartmarmot.com/produc ...

  9. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

随机推荐

  1. 开源消息中间件DotNetMQ

    由于这个开源项目对我这种中间件菜鸟很有帮助,因此,我将官方的说明文档翻译如下: Introduction In this article, I will introduce a new and ind ...

  2. Visual Studio 2012 Ultimate 上安装 Python 开发插件 PTVS

    1.我的环境 操作系统:32位 Win7 旗舰版 Service Pack 1 VS版本:Microsoft Visual Studio Ultimate 2012 版本 11.0.50727.1 R ...

  3. js类封装

    将js方法封装成类,好处就是团队开发中避免命名冲突,部分类整理代码如下: function LocalStorageHelper() { //检测浏览器是否支持localStorage this.ch ...

  4. Underscore.js 常用类型判断以及一些有用的工具方法

    1. 常用类型判断以及一些有用的工具方法 underscore.js 中一些 JavaScript 常用类型检查方法,以及一些工具类的判断方法. 首先我们先来谈一谈数组类型的判断.先贴出我自己封装好的 ...

  5. linux nohup命令

    nohup 命令 用途:不挂断地运行命令.如果你正在执行一个job,并且你希望在退出帐户/关闭终端之后继续运行,可以使用nohup命令.nohup就是不挂起的意思( no hang up). 语法:n ...

  6. memcache和数据库的使用技巧

    1.加速无数据的访问速度毋庸置疑取数据先去取下memcache里的数据,如果没有再去数据库取数据但这样如果我取100次都是没有的那么我得去数据库去取100次 如果还是重复的...那么效率就不高了 解决 ...

  7. XFire构建服务端Service的两种方式

    1.原声构建: 2.集成spring构建 http://blog.csdn.net/carefree31441/article/details/4000436XFire构建服务端Service的两种方 ...

  8. iOS中使用Localizable.strings适配App在不同语言下文本的显示

    iOS开发中,若是使用xib或storyboard搭建界面视图,视图中固定显示的文本内容可以用localized添加不同语言适配.但是在实际中会有动态加载的文本,这些文字的适配就需要NSLocaliz ...

  9. C# linq的学习及使用

    linq可以对多种数据源和对象进行查询,如数据库.数据集.XML文档.数组等. 通过对linq的使用,可以减少代码量并优化检索操作. LINQ关键字 from 指定数据源和范围变量 where 根据布 ...

  10. C++拾遗(十一)类继承

    首先,这里提到的继承都是公用继承. 派生类 1.派生类需要添加自己的构造函数. 2.派生类创建之前会首先创建基类对象,即调用基类构造函数.在派生类构造函数后通过初始化列表将参数传递给基类构造函数. 3 ...