geoip 添加一列,add_field =>["[geoip][request_time]","%{request_time}"]
来源:互联网 发布:recyclerview清空数据 编辑:程序博客网 时间:2024/06/07 15:13
"message" => " 10.171.246.184 [11/Sep/2016:14:42:53 +0800] \"GET /wechat/home.html?useragent=android_h5_zjcap&apiver=2 HTTP/1.1\" - 200 11601 \"-\" \"okhttp/2.6.0\" 0.001 182.239.100.236", "@version" => "1", "@timestamp" => "2016-09-11T06:43:14.948Z", "path" => "/data01/applog_backup/zjzc_log/zj-frontend01-access.2016-09-11", "host" => "dr-mysql01.zjcap.com", "type" => "zj_frontend_access", "clientip" => "10.171.246.184", "time" => "11/Sep/2016:14:42:53 +0800", "verb" => "GET", "request" => "/wechat/home.html", "httpversion" => "1.1", "http_status_code" => "200", "bytes" => "11601", "http_referer" => "-", "http_user_agent" => "okhttp/2.6.0", "request_time" => 0.001, "http_x_forwarded_for" => "182.239.100.236", "geoip" => { "ip" => "182.239.100.236", "country_code2" => "HK", "country_code3" => "HKG", "country_name" => "Hong Kong", "continent_code" => "AS", "region_name" => "00", "city_name" => "Kwai Chung", "latitude" => 22.349999999999994, "longitude" => 114.13330000000002, "timezone" => "Asia/Hong_Kong", "location" => [ [0] 114.13330000000002, [1] 22.349999999999994 ], "coordinates" => [ [0] 114.13330000000002, [1] 22.349999999999994 ] }}filter { grok { match =>[ "message","%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request}\?.* HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)", "message" , "%{IPORHOST:clientip} \[%{HTTPDATE:time}\] \"%{WORD:verb} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" \- %{NUMBER:http_status_code} %{NUMBER:bytes} \"(?<http_referer>\S+)\" \"(?<http_user_agent>(\S+\s+)*\S+)\" (%{BASE16FLOAT:request_time}) (%{IPORHOST:http_x_forwarded_for}|-)" ] } geoip { source => "http_x_forwarded_for" target => "geoip" database => "/usr/local/logstash-2.3.4/etc/GeoLiteCity.dat" add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ] add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ] } mutate { convert => [ "[geoip][coordinates]", "float"] convert => [ "request_time", "float"] add_field =>["[geoip][request_time]","%{request_time}"] }} "message" => " 10.252.142.174 [11/Sep/2016:14:45:24 +0800] \"GET /wechat/images/about/lss.7dcc3a4c.png HTTP/1.1\" - 200 5147 \"https://www.zjcap.cn/wechat/safe.html?useragent=android_h5_zjcap\" \"Mozilla/5.0 (Linux; Android 6.0; HUAWEI NXT-L29 Build/HUAWEINXT-L29; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Mobile Safari/537.36 android_h5_zjcap\" 0.000 182.239.100.236", "@version" => "1", "@timestamp" => "2016-09-11T06:47:02.315Z", "path" => "/data01/applog_backup/zjzc_log/zj-frontend02-access.2016-09-11", "host" => "dr-mysql01.zjcap.com", "type" => "zj_frontend_access", "clientip" => "10.252.142.174", "time" => "11/Sep/2016:14:45:24 +0800", "verb" => "GET", "request" => "/wechat/images/about/lss.7dcc3a4c.png", "httpversion" => "1.1", "http_status_code" => "200", "bytes" => "5147", "http_referer" => "https://www.zjcap.cn/wechat/safe.html?useragent=android_h5_zjcap", "http_user_agent" => "Mozilla/5.0 (Linux; Android 6.0; HUAWEI NXT-L29 Build/HUAWEINXT-L29; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Mobile Safari/537.36 android_h5_zjcap", "request_time" => 0.0, "http_x_forwarded_for" => "182.239.100.236", "geoip" => { "ip" => "182.239.100.236", "country_code2" => "HK", "country_code3" => "HKG", "country_name" => "Hong Kong", "continent_code" => "AS", "region_name" => "00", "city_name" => "Kwai Chung", "latitude" => 22.349999999999994, "longitude" => 114.13330000000002, "timezone" => "Asia/Hong_Kong", "location" => [ [0] 114.13330000000002, [1] 22.349999999999994 ], "coordinates" => [ [0] 114.13330000000002, [1] 22.349999999999994 ], "request_time" => 0.0 }}给 geoip 添加一列,add_field =>["[geoip][request_time]","%{request_time}"] 0 0
- geoip 添加一列,add_field =>["[geoip][request_time]","%{request_time}"]
- geoip
- geoip
- GeoIP
- $_SERVER['REQUEST_TIME']
- [log]logstash添加字段.geoip展示
- $request_time 和 $upstream_response_time 监控
- $request_time 和 $upstream_response_time 监控
- geoip设置
- 【geoip】geoip操作GeoLiteCity.dat
- nginx添加geoip支持ip转经纬度配置笔记
- AWStats扩展GeoIP
- python--geoip tool
- python 使用GeoIP
- bind-geoip编译使用说明
- Install GeoIP For Apache
- geoip PHP版本
- 安装GeoIP数据库
- 外销升级接口V2.1.3TPS波动较大-基于索引的sql优化
- Tomcat源码分析(一)--服务启动
- 7.15 K codeforces 696BPuzzle
- [模板]DFS序的应用-初级
- ImportREC输入表重建工具
- geoip 添加一列,add_field =>["[geoip][request_time]","%{request_time}"]
- Tomcat源码分析(二)--连接处理
- Python-json模块
- poj 2828 线段树(单点更新,逆序插入)
- 169\229- Majority Element
- Linux netstat命令详解
- 开源库由Bilibili
- spring bean中子元素lookup-method和replaced-method
- Tomcat源码分析(三)--连接器是如何与容器关联的?
