Parsing Nginx Access Logs with Logstash


Nginx log format

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" '
                      '"$http_host" "$request_time" "$upstream_response_time" $http_device $http_appversion $upstream_addr '
                      '$http_openudid $http_code $http_networkType "$http_deviceModel" "$http_osVersion"';

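The grok pattern that parses this format is shown below. NGUSER is not one of the patterns Logstash ships by default, so it has to be defined separately (for example in a custom patterns file).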

    %{IPORHOST:Client_IP} (%{NGUSER:ident}|-) (%{NGUSER:auth}|-) \[%{HTTPDATE:timestamp}\] "%{WORD:Http_Method} %{URIPATHPARAM:Http_Request} HTTP/%{NUMBER:Http_Version}" %{NUMBER:Http_Status_Code} (?:%{NUMBER:Http_Bytes}|-) (?:"(?:%{URI:Http_Referrer}|-)"|%{QS:Http_Referrer}) %{QS:User_Agent} "(-|%{DATA:X_Forwarded_For})" "(%{IPORHOST:Site}|-)" "(%{NUMBER:Request_Time}|-)" "(%{NUMBER:Upstream_Response_Time}|-)" (%{WORD:Device}|-) (%{USERNAME:App_Version}|-) (%{HOSTNAME:Upstream_Host}:%{POSINT:Upstram_Port}|-) (%{WORD:Openudid}|-) (%{WORD:Usercode}|-) (%{WORD:NetType}|-) "(%{GREEDYDATA:Device_Name}|-)" "(%{GREEDYDATA:System_Verion}|-)"
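To check the field mapping offline before deploying the pattern, the same log format can be parsed with a plain regular expression. This is an added example, not code from the original page or from Logstash: the field names follow the grok pattern above, the sample lines are constructed, and the token matching (`\S+`, `[^"]*`) is a simplification of grok's stricter definitions.

```python
import re

# Field-by-field mirror of the page's log_format; group names follow the grok pattern.
# Assumption: nginx default escaping (a literal " inside a variable is logged as \x22),
# so quoted fields can be matched with [^"]*.
LINE_RE = re.compile(
    r'(?P<Client_IP>\S+) (?P<ident>\S+) (?P<auth>\S+) \[(?P<timestamp>[^\]]+)\] '
    r'"(?P<Http_Method>[A-Z]+) (?P<Http_Request>\S+) HTTP/(?P<Http_Version>[\d.]+)" '
    r'(?P<Http_Status_Code>\d{3}) (?P<Http_Bytes>\d+|-) '
    r'"(?P<Http_Referrer>[^"]*)" "(?P<User_Agent>[^"]*)" "(?P<X_Forwarded_For>[^"]*)" '
    r'"(?P<Site>[^"]*)" "(?P<Request_Time>\d+\.\d+|-)" "(?P<Upstream_Response_Time>\d+\.\d+|-)" '
    r'(?P<Device>\S+) (?P<App_Version>\S+) (?P<Upstream>\S+) '
    r'(?P<Openudid>\S+) (?P<Usercode>\S+) (?P<NetType>\S+) '
    r'"(?P<Device_Name>[^"]*)" "(?P<System_Verion>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges, made-up values).
SAMPLE_DIRECT = (r'203.0.113.7 - - [12/Mar/2024:10:15:32 +0800] "GET /api/v1/items?id=3 HTTP/1.1" '
                 r'200 512 "-" "ExampleApp/2.3.1" "-" "api.example.com" "0.023" "0.021" '
                 r'ios 2.3.1 10.0.0.5:8080 abc123 u1001 wifi "iPhone 12" "iOS 15.2"')
SAMPLE_PROXIED = (r'10.0.0.2 - - [12/Mar/2024:10:15:33 +0800] "POST /login HTTP/1.1" '
                  r'302 0 "https://www.example.com/" "Mozilla/5.0" "198.51.100.9, 10.0.0.2" '
                  r'"www.example.com" "0.004" "-" - - - - - - "-" "-"')
SAMPLE_MALFORMED = (r'203.0.113.7 - - [12/Mar/2024:10:15:40 +0800] "\x16\x03\x01" '
                    r'400 157 "-" "-" "-" "-" "0.000" "-" - - - - - - "-" "-"')

def parse_line(line):
    """Return a dict of fields, or None when the line does not fit the format."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None  # counterpart of a _grokparsefailure: keep the raw line, do not drop it
    rec = {k: (None if v == "-" else v) for k, v in m.groupdict().items()}
    for key, cast in (("Http_Status_Code", int), ("Http_Bytes", int),
                      ("Request_Time", float), ("Upstream_Response_Time", float)):
        if rec[key] is not None:
            rec[key] = cast(rec[key])
    # X-Forwarded-For is a client-supplied, comma-separated list; keep every hop.
    xff = rec["X_Forwarded_For"]
    rec["X_Forwarded_For"] = [h.strip() for h in xff.split(",")] if xff else []
    upstream = rec.pop("Upstream")
    host, _, port = upstream.rpartition(":") if upstream else (None, "", None)
    rec["Upstream_Host"], rec["Upstram_Port"] = host, port
    return rec
```

The third sample has a request field with no method, URI or protocol, so it does not fit the pattern; such lines are worth routing to a separate index rather than discarding.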
