在conf.d目录下创建文件logs.conf用于收集*.log中的日志
output { stdout { codec=> rubydebug } if [type] == "logfile" { elasticsearch { hosts => ["10.10.1.11:9200"] user => elastic password => SA33bbvbDc4H27qKRduk index => "log-%{+YYYY.MM.dd}" document_type => "log" } } if ([level] == "ERROR" or [level] == "FATAL") { email { to => "xxxx" from => "xxxx" username => "gxxxx" password => "xxxx" address => "xxxxxx" port => 587 via => "smtp" use_tls => true subject => "项目%{project_name}发现严重错误" body => "主机名称: %{HOSTNAME}\n 主机地址: %{host}\n 项目: %{project_name}\n 时间: %{createTime}\n 日志级别: %{level}\n 类名: %{logger_name}\n 日志: %{message}" authentication => "plain" } } }qq:493763664 文章来源: logstash配置