嗯...
Collector Configuration Details
nginx.conf
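# JSON access-log format; each request becomes one JSON object per line.
#
# Escaping: no "escape=json" parameter is given, so nginx applies its default
# escaping and writes '"', '\' and non-printable bytes as \xXX. That is not a
# valid JSON escape, so the consumer has to repair the line before parsing
# (the Logstash pipeline on this page doubles the backslash). If you switch to
# "log_format json escape=json ...", remove that downstream substitution at
# the same time, otherwise a literal "\x" in a request is escaped twice.
#
# Untrusted fields: request_line, request_url, http_x_forward,
# proxy_add_x_forward, http_referer, user_agent, http_origin and
# http_x_forwarded_proto are copied from the client's request. Treat them as
# attacker-controlled wherever the log is rendered or used for decisions;
# client_ip ($remote_addr) is the only address nginx itself observed.
#
# http_cookie: the variable was spelled $http_cooke, which reads a header
# named "Cooke" and therefore always logged an empty value. It is corrected to
# $http_cookie below. The Cookie header normally carries session tokens, so
# anyone who can read this file or the resulting index can replay them; drop
# this field, or redact it before indexing, unless it is really needed.
log_format json '{"@timestamp":"$time_iso8601",'
                '"server_host":"$server_addr",'
                '"server_name":"$server_name",'
                '"server_port":"$server_port",'
                '"server_protocol":"$server_protocol",'
                '"client_ip":"$remote_addr",'
                '"client_user":"$remote_user",'
                '"request_line":"$request",'
                '"status":"$status",'
                '"request_method": "$request_method",'
                '"send_client_body_size":"$body_bytes_sent",'
                '"send_client_size":"$bytes_sent",'
                '"request_length":"$request_length",'
                '"request_time":"$request_time",'
                '"upstream_time":"$upstream_response_time",'
                '"upstream_host":"$upstream_addr",'
                '"http_host":"$host",'
                '"request_url":"$request_uri",'
                '"http_x_forward":"$http_x_forwarded_for",'
                '"proxy_add_x_forward":"$proxy_add_x_forwarded_for",'
                '"http_referer":"$http_referer",'
                '"user_agent":"$http_user_agent",'
                '"http_upgrade":"$http_upgrade",'
                '"http_cookie":"$http_cookie",'
                '"gzip_ratio":"$gzip_ratio",'
                '"pipeline":"$pipe",'
                '"connection_requests":"$connection_requests",'
                '"connection_number":"$connection",'
                '"http_origin":"$http_origin",'
                '"http_x_forwarded_proto":"$http_x_forwarded_proto",'
                '"http_scheme":"$scheme"}';

# Write the access log in the format defined above.
access_log /var/log/nginx/access.log json;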
filebeat.docker.yml
# Filebeat: collect Docker container logs and forward them to Logstash.
# NOTE(review): the page lost its indentation; the nesting below is the
# conventional layout for these keys. "processors" is placed at top level
# here. Confirm against the original file if it was scoped to the input.
filebeat.inputs:
  # '*' harvests the log of every container on this Docker host, not only
  # nginx. Presumably that includes the logging stack's own containers when
  # they share the host; narrow the list if other services' logs should not
  # be shipped.
  - type: docker
    enabled: true
    containers.ids:
      - '*'

# Enriches events with Docker metadata about the source container.
processors:
  - add_docker_metadata: null

# NOTE(review): hints-based autodiscover and the catch-all input above may
# both pick up the same container logs. Confirm events are not duplicated.
filebeat.autodiscover:
  providers:
    - type: docker
      hints.enabled: true

# No ssl.* settings are present, so events (client IPs and every logged
# header) reach Logstash unencrypted and the endpoint is not authenticated.
# Keep this on a trusted private network or configure TLS on both ends.
output.logstash:
  hosts: ['logstash:5044']
logstash.conf
# Receive events from Filebeat over the Beats protocol.
# No TLS or client-certificate options are set on this listener, so any host
# that can reach port 5044 can submit events. Restrict network access to the
# port, or enable the beats input's TLS settings.
input {
  beats {
    port => 5044
  }
}
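# Parse nginx JSON access-log lines into structured fields.
# Only events whose container.name is "nginx" are touched; everything else
# passes through unchanged.
filter {
  if [container][name] == "nginx" {
    mutate {
      # The nginx log_format on this page has no escape=json, so nginx writes
      # bytes such as '"' and '\' as \xXX, which is not a valid JSON escape.
      # Doubling the backslash keeps the line parseable; the parsed value
      # then contains the literal text \xXX rather than the original byte.
      gsub => ["message", "\\x", "\\\x"]
      remove_field => ["beat"]
    }

    # On success the raw line is dropped; on a parse failure the json filter
    # tags the event and "message" is kept, so malformed lines stay visible.
    json {
      source => "message"
      remove_field => ["message"]
    }

    # Fix: the conversions used to sit in the first mutate, which runs before
    # the json filter has created these fields, so they were never applied
    # and the counters were indexed as strings.
    mutate {
      convert => {
        "send_client_size" => "integer"
        "send_client_body_size" => "integer"
        "request_length" => "integer"
      }
    }

    date {
      locale => "en"
      # NOTE(review): the nginx log_format on this page emits no field named
      # "locals", so this match looks like a no-op. Presumably the event time
      # comes from the "@timestamp" key handled by the json filter; confirm
      # and remove or correct this block.
      match => ["locals", "ISO8601"]
    }

    # client_ip is nginx's $remote_addr, i.e. the directly connected peer.
    # Behind a proxy or load balancer this resolves the proxy, not the user.
    geoip {
      source => "client_ip"
    }
  }
}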
# Index nginx events into a daily Elasticsearch index and echo every event
# to stdout.
output {
  if [container][name] == "nginx" {
    # The endpoint is plain HTTP and the credentials are commented out, so
    # events are sent unencrypted to a cluster that must be accepting
    # unauthenticated writes. For anything beyond a local lab, enable
    # security on the cluster, use https, and supply the credential through
    # a ${VAR} reference (environment or Logstash keystore), not inline.
    # "changeme" is a widely known default and must not be reused.
    elasticsearch {
      hosts => ["http://es01:9200"]
      index => "nginx-%{+YYYY.MM.dd}"
      #user => "elastic"
      #password => "changeme"
    }
  }

  # Unconditional: every event, nginx or not, is printed to Logstash's own
  # stdout, including any cookies or client data in the event.
  # NOTE(review): if Logstash runs as a container on a host where Filebeat
  # harvests all containers, this output is presumably shipped back into the
  # pipeline. Confirm, and remove or gate it outside of debugging.
  stdout {}
}