问题描述
我能够设置并graylog的Web,并能设置输入生成的日志的Apache2,Tomcat和与结果帮助其他应用程序
例如。
I am able to to setup graylog-server and graylog-web and able to setup input for generated log of apache2, tomcat and other applications with the help of graylog-collector
e.g.
apache-access {
type = "file"
path = "/var/log/apache2/access.log"
outputs = "gelf-tcp,console"
}
tomcat-debug {
type = "file"
path = "/home/alok/packages/apache-tomcat-7.0.59/logs/mydomain.debug.log"
outputs = "gelf-tcp,console"
}
如何看到旧的日志文件登录graylog?我试图建立graylog集电极旧的日志文件,graylog是听它,但不能显示日志文件内容。如果有人知道实现这个请分享方式
How to see log from old log files in graylog? I tried to setup graylog-collector for old log file, graylog is listening to it but not showing content of log file. if someone know the way to achieve this please share
推荐答案
我能看到graylog的web我的旧日志文件(.log文件)的。
I am able to see my old log files (.log file) in graylog-web with help of logstash.
我刚安装logstash创造的内容有一个简单的logstash配置文件
I just installed logstash and created a simple logstash configuration file having content
input {
file {
path => "/home/alok/Downloads/old_apache_access.log"
start_position => "beginning"
}
}
#filter {
# add filter according to need
#}
output {
gelf {
host => "10.149.235.66"
}
}
路径
是我要导入到graylog我的旧日志文件的路径。结果 START_POSITION
从哪里读取日志行告诉logstash。结果 GELF
在graylog的格式输出日志。结果主机
是graylog服务器的地址。
path
is path for my old log file that I want to import to graylog.start_position
tell logstash from where log lines to be read.gelf
to output logs in graylog's format.host
is address of graylog server.
现在我可以运行logstash读通过运行命令日志文件。结果 $ /选择/ logstash /斌/ logstash -f /etc/logstash/conf.d/logstash-simple.conf
now I can run logstash to read log file by running command.$/opt/logstash/bin/logstash -f /etc/logstash/conf.d/logstash-simple.conf
现在我将graylog添加输入从logstash接收日志。对于在主菜单转到系统>>输入
Now I will add input in graylog for receiving logs from logstash. for that in main menu goto System >> Inputs
然后选择 GELF UDP
和劳克这个新选定的输入,并给予所有权这一点,最后点击启动按钮。
Then choose GELF UDP
and lauch this newly selected input and give title to this and finally click on launch button.
现在人们可以看到新建的输入和点击查看收到的邮件,看日志
Now one can see newly created input and click on Show received messages to see logs
这篇关于如何导入旧的日志文件,以graylog作为输入?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!