Mercurial > logstash
diff logstash.conf @ 3:796ac0b50dbf
add cron.daily index cleaning
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Thu, 07 Mar 2013 10:41:01 -0800 |
parents | 59fe08a2fcbe |
children | 6b7beb807d14 |
line wrap: on
line diff
--- a/logstash.conf Fri Mar 01 18:54:53 2013 -0800 +++ b/logstash.conf Thu Mar 07 10:41:01 2013 -0800 @@ -32,6 +32,15 @@ pattern => "%{SENDMAIL}" patterns_dir => "/var/lib/logstash/data/patterns" } + grep { + type => "sendmail" + match => [ "program", "sendmail" ] + } + grep { + type => "sendmail" + negate => true + match => [ "message", "^(M|m)ilter" ] + } grok { type => "linux-syslog" @@ -40,7 +49,7 @@ date { # do we need this? the above picks up SYSLOGTIMESTAMP %{MONTH} +%{MONTHDAY} %{TIME} type => "linux-syslog" - timestamp => ["MMM dd HH:mm:ss","MMM d HH:mm:ss"] + timestamp => ["MMM dd HH:mm:ss","MMM d HH:mm:ss"] } grok { type => "apache-access"