logstash 处理nginx 错误日志

2016/08/30 14:52:02 [error] 11325#0: *346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory), client: 10.171.246.184, server: localhost, request: "GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1", host: "www.zjcap.cn", referrer: "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"(?<timestamp>%{YEAR}[./-]%{MONTHNUM}[./-]%{MONTHDAY}[- ]%{TIME}) \[%{LOGLEVEL:severity}\] %{POSINT:pid}#%{NUMBER}: %{GREEDYDATA:errormessage}(?:, client: (?<remote_addr>%{IP}|%{HOSTNAME}))(?:, server: %{IPORHOST:server}?)(?:, request: %{QS:request})?(?:, upstream: (?<upstream>\"%{URI}\"|%{QS}))?(?:, host: %{QS:request_host})?(?:, referrer: \"%{URI:referrer}\")?{  "timestamp": [    "2016/08/30 14:52:02"  ],  "severity": [    "error"  ],  "pid": [    "11325"  ],  "errormessage": [    "*346 open() "/var/www/zjzc-web-frontEnd/%27%22%2f%3E%3C%2fscript%3E%3Cscript%3Ealert%28%29%3C%2fscript%3E" failed (2: No such file or directory)"  ],  "remote_addr": [    "10.171.246.184"  ],  "server": [    "localhost"  ],  "request": [    ""GET /%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E HTTP/1.1""  ],  "upstream": [    null  ],  "port": [    null,    null  ],  "request_host": [    ""www.zjcap.cn""  ],  "referrer": [    "https://www.zjcap.cn/%2527%2522%252f%253E%253C%252fscript%253E%253Cscript%253Ealert%2528%2529%253C%252fscript%253E"  ]}