[root@localhost ~]# cat /etc/logstash/conf.d/node1.conf
input {
file {
path => "/var/log/messages"
type => "system"
start_position => "beginning"
}
file {
path => "/var/log/secure"
type => "secure"
start_position => "beginning"
}
}
output {
if [type] == "system" {
elasticsearch {
hosts => ["10.10.2.161:9200"]
index => "nagios-system-%{+YYYY.MM.dd}"
}
}
if [type] == "secure" {
elasticsearch {
hosts => ["10.10.2.161:9200"]
index => "nagios-secure-%{+YYYY.MM.dd}"
}
}
}
上面是logstash的配置,想抓取日志到elasticsearch上显示,但是在elasticsearch上看没有对应的nagios-secure和nagios-system文件,如下,请问是不是哪里还要配置什么东西,请知道的告诉下谢谢
