Class: Log2Json::Filters::NginxAccessLogFilter
- Inherits:
-
GrokFilter
- Object
- GrokFilter
- Log2Json::Filters::NginxAccessLogFilter
- Defined in:
- lib/log2json/filters/nginx_access.rb
Overview
Constant Summary
Constants inherited from GrokFilter
GrokFilter::CONFIG, GrokFilter::DEFAULT_PATTERNS
Instance Attribute Summary
Attributes inherited from GrokFilter
Instance Method Summary collapse
- #filter(record) ⇒ Object
-
#initialize(name, config = {}) ⇒ NginxAccessLogFilter
constructor
A new instance of NginxAccessLogFilter.
Constructor Details
#initialize(name, config = {}) ⇒ NginxAccessLogFilter
Returns a new instance of NginxAccessLogFilter.
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'lib/log2json/filters/nginx_access.rb', line 10 def initialize(name, config={}) # Thanks to - http://boojapathy.wordpress.com/2012/04/29/logstash-graylog-cant-ask-more-for-logging/ # # 10.180.129.178 - - [11/Jul/2014:14:10:28 -0400] "GET /api/v1/my_score/events?game_date.in=2014-07-10T05:00:00,2014-07-15T04:59:59&rpp=-1 HTTP/1.1" 200 156 "-" "theScore/3.11 Android-OS/4.4.2 (Android; Phone, SGH-M919)" 0.009 "Bearer pgAXgGYcBz2qYbFzrEhK" "127.0.0.1" # type = config.delete(:type) {'nginx-access'} super(type, name, [ %w[ %{IP:ip} (?:%{HOST:host}|-) (?:%{USER:user}|-) \\\[%{HTTPDATE:datetime}\\\] +"(?:%{WORD:method} %{URIPATHPARAM:path} HTTP/%{NUMBER:version}|%{DATA:request})" %{NUMBER:status} (?:%{NUMBER:size:int}|-) %{QUOTEDSTRING:referrer} %{QUOTEDSTRING:user_agent} %{NUMBER:request_time:float} (?:%{QUOTEDSTRING:auth_header}|-) (?:%{QUOTEDSTRING:forwarded_for}|-) ].join(' ') ], config ) end |
Instance Method Details
#filter(record) ⇒ Object
32 33 34 35 36 37 38 39 |
# File 'lib/log2json/filters/nginx_access.rb', line 32 def filter(record) return nil if super(record).nil? # eg, 23/Nov/2012:19:11:10 +0000 record['@timestamp'] = DateTime.strptime(record['@fields']['datetime'], "%d/%b/%Y:%T %z") record['@fields'].delete('datetime') record['@tags'] << "nginx" << "http" record end |