ELK,kibana给定匹配模式会出现另一个索引的数据。
初学elk,搭建了个日志收集的样子,展现数据的时候遇到疑问。
我logstash设置了两个pipeline,rabbitmq和http两个input:
input {
rabbitmq {
host => "rabbitmq"
subscription_retry_interval_seconds => 5
queue => "hello"
}
}
# The filter part of this file is commented out to indicate that it
# is optional.
# filter {
#
# }
output {
elasticsearch {
hosts => "elasticsearch:9200"
manage_template => false
index => "rabbitmq-log-test-%{+YYYY.MM.dd}"
}
}
input {
http {
additional_codecs => {"application/json"=>"json"}
port => 8080
threads => 2
}
}
# The filter part of this file is commented out to indicate that it
# is optional.
# filter {
#
# }
output {
elasticsearch {
hosts => "elasticsearch:9200"
manage_template => false
index => "http-log-test-%{+YYYY.MM.dd}"
}
}
rabbit写入数据:{"site":"a", "level":"error", "message": "unknow error", "trace":"sdfsfsf"}
http写入数据:{"site":"b","error":"adsfsdf","trace":"asdsfdsf"}
Elasticsearch的索引
Kibana的索引模式:
Kibana discover查看页面:
我是想问,我kibana的搜索模式没有http-log的数据,为什么在discover的数据列表里面出现了http-log的数据?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论