1.安装Nginx
[root@web01 ~]# yum install -y nginx
2.配置Nginx日志格式
[root@web01 ~]# vim /etc/nginx/nginx.conf
... ...
http {
log_format json '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamhost":"$upstream_addr",'
'"http_host":"$host",'
'"url":"$uri",'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"status":"$status"}';
access_log /var/log/nginx/access.log json;
... ...
3.配置收集Nginx日志
[root@web01 ~]# vim /etc/logstash/conf.d/nginx_json.conf
input {
file {
path => "/var/log/nginx/access.log"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["10.0.0.51:9200"]
index => "nginx_json_%{+YYYY-MM-dd}.log"
}
}