Logstash - 安装配置 - TrustNature

Logstash - 安装配置

一、修改启动选项

可以设置内存大小和时区-Duser.timezone=GMT+08

docker logstash @timestamp 时间相差8个小时解决方法

首先修改容器时间为上海时间

第二修改logstash配置文件

filter {

  if [log_channel] == "kong" {
    ruby {
    code => "event.set('timestamp', event.get('@timestamp').time.localtime + 8*60*60)"
    }
    ruby {
        code => "event.set('@timestamp',event.get('timestamp'))"
    }
    mutate {
       rename =>{"[host]" => "[host][name]"}
       remove_field => ["timestamp"]
    }

    geoip {
      source => "[request][headers][remoteip]"
      remove_field => ["tags", "[geoip][latitude]", "[geoip][longitude]", "[geoip][continent_code]", "[geoip][country_code3]", "[geoip][country_code2]"]
    }

  }
}

View Code

posted on 2021-12-28 11:01 TrustNature 阅读(183) 评论(0) 收藏举报

刷新页面返回顶部

不忘初心

Logstash - 安装配置

导航

公告