我曾经通过FileBeat-LogStash管道将数据发送到Elasticsearch。处理了我通过log4net创建的日志,对其进行了变异,并将必填字段发送给了elastic。
现在,我想通过删除FileBeat和Logstash并使用Serilog及其elasticsearch sink来代替逻辑。
为了扩大图片的范围,我有一个API端点,该端点可以接收需要记录到文本文件中的请求,因此我需要一个File接收器。在代码的更深处,我的业务逻辑将利用接收到的数据,并创建一个对象,然后我需要将该对象提取为具有 flex 的索引。
最好的方法是什么,拥有一个Serilog实例并使用某种过滤或拥有两个Serilog实例?我更倾向于装饰(丰富)我的案例,然后通过过滤(一个Serilog实例)使用接收器,但是由于我是Serilog的新手,所以我不知道如何设置整个内容。
缩写的代码是这样的,
我的 Controller 类:
public class RequestController : ControllerBase
{
private readonly BLService _service = new BLService(Log.Logger);
[Route("Test")]
[HttpPost]
public IActionResult Test([FromBody]SampleRequest request)
{
var logId = Guid.NewGuid().ToString();
using (LogContext.PushProperty("LogId", logId))
Log.Information("{@request}", request);
var tran = new SampleTran
{
SampleTranType = "Test",
SampleTranId = request.Id,
EventTime = DateTime.Now
};
_service.ProcessTransaction(tran);
return new OkResult();
}
}
"Type"的"ElkData"属性,然后可以对其进行过滤:public class BLService
{
private readonly ILogger _log;
public BLService(ILogger logger)
{
_log = logger.ForContext("Type", "ElkData");
}
public void ProcessTransaction(SampleTran transaction)
{
var elkData = DoSomeStuffAndReturnElkTransactionToStore(transaction);
_log.Information("{@ElkData}", elkData );
}
}
appsettings.json看起来像这样:{
"Serilog": {
"MinimumLevel": {
"Default": "Information",
"Override": {
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Warning",
"System": "Warning"
}
},
"WriteTo": [
{
"Name": "File",
"Args": {
"path": "C:\\DEV\\Logs\\mylog-.txt",
"rollingInterval": "Day",
"outputTemplate": "{Timestamp:yyyy-MM-ddTHH:mm:ss.fff zzz} [{Level:u3}] {Message:j}{NewLine}{Exception}"
}
}
],
"Enrich": [ "FromLogContext" ]
},
"AllowedHosts": "*"
}
最佳答案
这是我设法完成所需工作的方式:
我使用ForContext丰富了我的日志项目。因此,在 Controller 中,我使用了:
var requestLog = Log.ForContext("Type", "Request");
requestLog.Information("Request: {@request}", request);//this needs to go to the log file
appsettings.json中将过滤描述为:{
"Serilog": {
"MinimumLevel": {
"Default": "Information",
"Override": {
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Warning",
"System": "Warning"
}
},
"WriteTo": [
{
"Name": "Logger",
"Args": {
"configureLogger": {
"Filter": [
{
"Name": "ByExcluding",
"Args": {
"expression": "Type = 'ElkData'"
}
}
],
"WriteTo": [
{
"Name": "File",
"Args": {
"path": "C:\\DEV\\Logs\\mylog-.txt",
"rollingInterval": "Day",
"outputTemplate": "{Timestamp:yyyy-MM-ddTHH:mm:ss.fff zzz} [{Level:u3}] {Message:j}{NewLine}{Exception}",
"shared": true
}
}
]
}
}
},
{
"Name": "Logger",
"Args": {
"configureLogger": {
"Filter": [
{
"Name": "ByIncludingOnly",
"Args": {
"expression": "Type = 'ElkData'"
}
}
],
"WriteTo": [
{
"Name": "Elasticsearch",
"Args": {
"nodeUris": "<your elastic url>",
"TypeName": "_doc",
"IndexFormat": "serilog_data",
"InlineFields": true,
"BufferBaseFilename": "C:\\DEV\\Logs\\elk_buffer"
}
}
]
}
}
}
]
}
}
"Type = 'ElkData'"扩充功能的日志除外,这些最终将以elasticsearch索引结尾。希望这种简单的方法有一天能帮助一些serilog新手
关于elasticsearch - Serilog输出到文件和Elasticsearch的最佳方法,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/63886412/