search-nginx-access.yml
829 Bytes
filebeat.prospectors:
- input_type: log
paths:
- /Data/logs/nginx/search_access.log
document_type: nginx_access
fields:
source_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
region: "az1"
service: "search"
fields_under_root: true
tail_files: true
- input_type: log
paths:
- /Data/logs/nginx/search_error.log
document_type: nginx_access_error
fields:
source_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
region: "az1"
service: "search"
fields_under_root: true
tail_files: true
multiline.pattern: '^\d{4}'
multiline.negate: true
multiline.match: after
output.kafka:
enabled: true
hosts: ["10.66.105.67:9092"]
topic: '%{[type]}'
compression: snappy
max_message_bytes: 10000001
worker: 2