• logstash 处理nginx 错误日志

    2016/08/30 14:52:02 [error] 11325#0: *346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory), client: 10.171.246.184, server: localhost, request: "GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1", host: "www.zjcap.cn", referrer: "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"


(?<timestamp>%{YEAR}[./-]%{MONTHNUM}[./-]%{MONTHDAY}[- ]%{TIME}) [%{LOGLEVEL:severity}] %{POSINT:pid}#%{NUMBER}: %{GREEDYDATA:errormessage}(?:, client: (?<remote_addr>%{IP}|%{HOSTNAME}))(?:, server: %{IPORHOST:server}?)(?:, request: %{QS:request})?(?:, upstream: (?<upstream>"%{URI}"|%{QS}))?(?:, host: %{QS:request_host})?(?:, referrer: "%{URI:referrer}")?

{
  "timestamp": [
    "2016/08/30 14:52:02"
  ],
  "severity": [
    "error"
  ],
  "pid": [
    "11325"
  ],
  "errormessage": [
    "*346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory)"
  ],
  "remote_addr": [
    "10.171.246.184"
  ],
  "server": [
    "localhost"
  ],
  "request": [
    ""GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1""
  ],
  "upstream": [
    null
  ],
  "port": [
    null,
    null
  ],
  "request_host": [
    ""www.zjcap.cn""
  ],
  "referrer": [
    "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"
  ]
}
  • 相关阅读:
    C++内存检测函数_CrtSetBreakAlloc()
    Detours 的配置
    浅析杀毒软件开发原理
    Sqlite3初学
    java拦截器、过滤器的区别
    sudo 设置无需密码
    Visual Studio 2012/2010/2008 远程调试
    jquery 随笔
    网页中显示xml,直接显示xml格式的文件
    centos7.2_x64安装mysql.tar.gz
  • 原文地址:https://www.cnblogs.com/hzcya1995/p/13350329.html
Copyright © 2020-2023  润新知