Class: Log2Json::Filters::NginxAccessLogFilter
- Inherits:
-
GrokFilter
- Object
- GrokFilter
- Log2Json::Filters::NginxAccessLogFilter
- Defined in:
- lib/log2json/filters/nginx_access.rb
Overview
Constant Summary
Constants inherited from GrokFilter
GrokFilter::CONFIG, GrokFilter::DEFAULT_PATTERNS
Instance Attribute Summary
Attributes inherited from GrokFilter
Instance Method Summary collapse
- #filter(record) ⇒ Object
-
#initialize(name, config = {}) ⇒ NginxAccessLogFilter
constructor
A new instance of NginxAccessLogFilter.
Constructor Details
#initialize(name, config = {}) ⇒ NginxAccessLogFilter
Returns a new instance of NginxAccessLogFilter.
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'lib/log2json/filters/nginx_access.rb', line 10 def initialize(name, config={}) # Thanks to - http://boojapathy.wordpress.com/2012/04/29/logstash-graylog-cant-ask-more-for-logging/ # # 10.33.158.237 - - [12/Apr/2013:13:27:54 -0000] "GET /UEFA/news.json?blackberry_native_version=1.9.4&locale=es HTTP/1.1" 200 6495 "-" "-" "-" "-" "-" cache_status:BYPASS # type = config.delete(:type) {'nginx-access'} super(type, name, [ %w[ %{IP:ip} (?:%{HOST:host}|-) (?:%{USER:user}|-) \\\[%{HTTPDATE:datetime}\\\] +"(?:%{WORD:method} %{URIPATHPARAM:path} HTTP/%{NUMBER:version}|%{DATA:request})" %{NUMBER:status} (?:%{NUMBER:size}|-) %{QUOTEDSTRING:referrer} %{QUOTEDSTRING:user_agent} (?:%{GREEDYDATA:extra_info}) ].join(' ') ], config ) end |
Instance Method Details
#filter(record) ⇒ Object
30 31 32 33 34 35 36 37 |
# File 'lib/log2json/filters/nginx_access.rb', line 30 def filter(record) return nil if super(record).nil? # eg, 23/Nov/2012:19:11:10 +0000 record['@timestamp'] = DateTime.strptime(record['@fields']['datetime'], "%d/%b/%Y:%T %z") record['@fields'].delete('datetime') record['@tags'] << "nginx" << "http" record end |