Сравнение постов
Различия между постами
#127449 (09.10.2019 16:17)
и
#230441 (01.11.2021 00:36).
1 | input { | |
2 | beats { | |
3 | type => "postfix" | |
4 | port => 5044 | |
5 | } | |
6 | } | |
7 | ||
8 | filter { | |
9 | if [type] == "postfix" { | |
10 | grok { | |
11 | match => { "message" => "%{SYSLOGTIMESTAMP} %{SYSLOGHOST} %{DATA:program}(?:\[%{POSINT}\])?: %{GREEDYDATA:message}" } | |
12 | } | |
13 | } | |
14 | } | |
15 | output { | |
16 | elasticsearch { | |
17 | type => "postfix" | |
18 | hosts => "localhost:9200" | |
19 | index => "postfix-%{+YYYY.MM.dd}" | |
20 | } | |
21 | ||
22 | } |