Category: IT2/elk stack buytime | 2023. 1. 27. 19:36
[INPUT]
input {
  syslog {
    port => 9407  # port chosen arbitrarily
    grok_pattern => "%{GREEDYDATA:message}"
  }
}

[Filter]
filter {
  dissect {
    mapping => {
      "message" => "%{created.month} %{created.date} %{created.time} %{[machine][name]} %{[event][category]}: ver:%{version},%{msg}"
    }
  }
  mutate {
    gsub => ["message", "\n", ""]
  }
  date {
    match => ["time", "yyyy-MM-dd HH:mm:ss", "MMM d HH:mm:ss"]
    timezone => "Asia/Seoul"
    lo..
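As an added example (not code from the original post), the Python below walks one constructed syslog payload through the three filter steps of the pipeline above: a simplified dissect, the newline gsub on message, and a date conversion from Asia/Seoul to UTC. Assumptions: the date filter's source field is cut off on the page, so the timestamp is rebuilt from the three dissected created.* pieces; the year is supplied by the caller because the syslog header carries none; nested `[a][b]` field names are kept as literal dictionary keys rather than nested objects.

```python
import re
from datetime import datetime, timezone, timedelta

# Dissect mapping copied from the Logstash filter above (nested names kept as written).
MAPPING = ("%{created.month} %{created.date} %{created.time} "
           "%{[machine][name]} %{[event][category]}: ver:%{version},%{msg}")

def dissect(mapping, text):
    """Approximate Logstash dissect: each %{name} consumes text up to the
    literal that follows it in the mapping; the final field takes the rest."""
    parts = re.split(r"%\{([^}]*)\}", mapping)   # literal, name, literal, ...
    names, pattern = [], "^"
    for i, piece in enumerate(parts):
        if i % 2 == 0:
            pattern += re.escape(piece)            # delimiter text, matched literally
        else:
            names.append(piece)
            is_last = (i + 1 == len(parts) - 1) and parts[i + 1] == ""
            pattern += "(.*)" if is_last else "(.*?)"
    m = re.match(pattern + "$", text, re.DOTALL)
    if not m:
        raise ValueError("dissect mapping did not match: %r" % text)
    return dict(zip(names, m.groups()))

def process_event(raw, year):
    """Run the page's filter chain on one payload:
    dissect -> gsub newline out of message -> date (MMM d HH:mm:ss, Asia/Seoul)."""
    event = {"message": raw}
    event.update(dissect(MAPPING, raw))
    event["message"] = event["message"].replace("\n", "")   # mutate { gsub } step
    # Assumption: the date filter's input field is truncated on the page, so the
    # timestamp is rebuilt from the three dissected pieces plus a caller-supplied year.
    stamp = "%s %s %s %d" % (event["created.month"], event["created.date"],
                             event["created.time"], year)
    local = datetime.strptime(stamp, "%b %d %H:%M:%S %Y").replace(
        tzinfo=timezone(timedelta(hours=9)))                  # Asia/Seoul, UTC+9
    event["@timestamp"] = local.astimezone(timezone.utc).isoformat()
    return event

# Constructed sample payload in the layout the mapping expects.
SAMPLE = "Jan 27 19:36:01 host01 auth: ver:1.2.3,session opened for user alice\n"

if __name__ == "__main__":
    for k, v in process_event(SAMPLE, 2023).items():
        print("%-20s %r" % (k, v))
```

Note that, exactly as in the config, the gsub only touches message; the dissected msg field still ends with the newline, which is worth checking if msg is what ends up indexed.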