| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 |
- {
- // The network section covers network configuration :)
- "network": {
- // A list of downstream servers listening for our messages.
- // logstash-forwarder will pick one at random and only switch if
- // the selected one appears to be dead or unresponsive
- "servers": [ "localhost:5043" ],
- // The path to your client ssl certificate (optional)
- "ssl certificate": "./logstash-forwarder.crt",
- // The path to your client ssl key (optional)
- "ssl key": "./logstash-forwarder.key",
- // The path to your trusted ssl CA file. This is used
- // to authenticate your downstream server.
- "ssl ca": "./logstash-forwarder.crt",
- // Network timeout in seconds. This is most important for
- // logstash-forwarder determining whether to stop waiting for an
- // acknowledgement from the downstream server. If an timeout is reached,
- // logstash-forwarder will assume the connection or server is bad and
- // will connect to a server chosen at random from the servers list.
- "timeout": 15
- },
- // The list of files configurations
- "files": [
- // An array of hashes. Each hash tells what paths to watch and
- // what fields to annotate on events from those paths.
- {
- "paths": [
- // single paths are fine
- "/var/log/messages",
- // globs are fine too, they will be periodically evaluated
- // to see if any new files match the wildcard.
- "/var/log/*.log"
- ],
- // A dictionary of fields to annotate on each event.
- "fields": { "type": "syslog" }
- }, {
- // A path of "-" means stdin.
- "paths": [ "-" ],
- "fields": { "type": "stdin" }
- }, {
- "paths": [
- "/var/log/apache/httpd-*.log"
- ],
- "fields": { "type": "apache" },
- "dead time": "12h"
- }, {
- "paths": [
- "/var/log/apache/error-*.log"
- ],
- "fields": { "type": "error" },
- "multiline": { "pattern": "^[0-9]{4}", "negate": "true" },
- "dead time": "8h32m50s"
- }
- ]
- }
|
