• 获取nginx ip地理信息


    filter {
        grok {
            match => {
                 "message" => "%{IPORHOST:clientip} [%{HTTPDATE:time}] "%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}" - %{NUMBER:http_status_code} %{NUMBER:bytes} "(?<http_referer>S+)" "(?<http_user_agent>(S+s+)*S+)" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)"
            }
        }   
        geoip {
           source => "http_x_forwarded_for"
           add_tag => [ "geoip" ]
    #   database => "/var/geoip/GeoLiteCity.dat" 不是必须
    }
         
    }
    
    
    {
                     "message" => " 10.168.255.134 [01/Sep/2016:17:40:09 +0800] "GET /resources/js/index.js?v=20160629 HTTP/1.1" - 200 8249 "https://wenjinbao.winfae.com/" "Mozilla/5.0 (Windows NT 
    
    6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36" 0.001 115.234.131.214",
                    "@version" => "1",
                  "@timestamp" => "2016-09-01T09:41:45.430Z",
                        "path" => "/data01/applog_backup/winfae_log/wj-frontend02-access.2016-09-01",
                        "host" => "dr-mysql01.zjcap.com",
                        "type" => "wj_frontend_access",
                    "clientip" => "10.168.255.134",
                        "time" => "01/Sep/2016:17:40:09 +0800",
                        "verb" => "GET",
                     "request" => "/resources/js/index.js?v=20160629",
                 "httpversion" => "1.1",
            "http_status_code" => "200",
                       "bytes" => "8249",
                "http_referer" => "https://wenjinbao.winfae.com/",
             "http_user_agent" => "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36",
                "request_time" => "0.001",
        "http_x_forwarded_for" => "115.234.131.214",
                       "geoip" => {
                          "ip" => "115.234.131.214",
               "country_code2" => "CN",
               "country_code3" => "CHN",
                "country_name" => "China",
              "continent_code" => "AS",
                 "region_name" => "02",
                   "city_name" => "Wenzhou",
                    "latitude" => 27.99940000000001,
                   "longitude" => 120.66680000000002,
                    "timezone" => "Asia/Shanghai",
            "real_region_name" => "Zhejiang",
                    "location" => [
                [0] 120.66680000000002,
                [1] 27.99940000000001
            ]
        },
                        "tags" => [
            [0] "geoip"
        ]
    

  • 相关阅读:
    css之个人表单常用样式收藏
    oracle之序列问题集
    eclipse快捷键Two
    h5和App Native的交互方式
    Jenkins运行在Linux中,报No module namedxxxx(找不到包),如何解决
    ubuntu18 build opencv4 from source
    ubuntu无法进入图形界面可以进入终端
    ubuntu启动盘制作
    cpp_extention中nvcc命令指定gcc
    彻底删除Ubuntu EFI分区及启动项
  • 原文地址:https://www.cnblogs.com/hzcya1995/p/13350309.html
Copyright © 2020-2023  润新知