极客观点
项目管理
HarmonyOS
logstash分析日志。
日志如下:
2018-07-19 14:02:12.577|INFO |[164acb702b5-12] - crmlog|1234567890|118|0|操作成功!|263|xxxxlogstash配置如下
input {
file {
path => [ "xxxx\log.txt" ]
start_position => beginning
type => "crm"
codec => plain { charset => "UTF-8" }
}
}
filter{
grok{
match => {
"message" => "(?<orderDate>%{YEAR:year}\-%{MONTH:month}\-%{DAY:day}%{TIME:time}\.%{INT:int})\|%{WORD:level}\|\[%{USER:pid}\]\-%{WORD:logType}\|%{USER:num}\|%{INT:operation}\|%{INT:result}\|%{DATA:resultmessage}\|%{INT:time}\|%{USER:operator}"
}
}
}输出到elasticsearch中,在kibana里查看,只有:
"message": """2018-07-19 13:40:02.057|INFO |[164acb5f03b-28] - crmlog|1234567890|105|11100007|\xD3\u{B2EF4}\xE6\xD4ڻ\xF2\xD2\xD1ע\xCF\xFA|8|xxxx\r""",而没有把所有字段列举出来,像这样的效果:
"orderDate":2018-07-19 13:40:02.057,
"level":INFO,还有中文乱码。。。
拜托了 T^T.