| # Licensed to the Apache Software Foundation (ASF) under one or more | |
| # contributor license agreements. See the NOTICE file distributed with | |
| # this work for additional information regarding copyright ownership. | |
| # The ASF licenses this file to You under the Apache License, Version 2.0 | |
| # (the "License"); you may not use this file except in compliance with | |
| # the License. You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| input { | |
| # Accept logs from file | |
| file { | |
| codec => "json" | |
| path => [ | |
| "/var/log/xdata/xdata-v3.log", | |
| "/var/log/xdata/xdata-js.log" | |
| ] | |
| start_position => beginning | |
| #sincedb_path => "/dev/null" | |
| } | |
| } | |
| filter { | |
| grok { | |
| match => [ "useraleVersion", "(?<major_ver>\d+).(?<minor_ver>\d+)(.(?<patch_ver>\d+))?" ] | |
| } | |
| mutate { | |
| convert => { "major_ver" => "integer" } | |
| convert => { "minor_ver" => "integer" } | |
| convert => { "patch_ver" => "integer" } | |
| } | |
| } | |
| output { | |
| if [major_ver] == 3 { | |
| # Output to Elasticsearch instance - userale v3 instrumented application | |
| elasticsearch { | |
| hosts => ["localhost"] | |
| action => "index" | |
| index => "xdata_v3" | |
| document_type => "testing" | |
| } | |
| } | |
| if [major_ver] == 4 { | |
| # Output to Elasticsearch instance - userale js instrumented application | |
| elasticsearch { | |
| hosts => ["localhost"] | |
| action => "index" | |
| index => "xdata_v4" | |
| document_type => "testing" | |
| } | |
| } | |
| # Debug | |
| stdout { codec => rubydebug } | |
| } |