input {
file {
path => "C:\App\logstash\exam\access.log"
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
index => "accesslog"
}
stdout { codec => rubydebug }
}
Add Comment