apache_log------>logstash----->redis---->logstash----->es
日志写到redis中
redis安装配置略
input{
path => "/var/log/access_log"
type => "acccess_log"
start_postition => "beginning"}
output{
redis{
host => "ip"
port => 6379
db => "2"
data_type => "list"
key => "access_log"
}}
logstash从redis中读取日志
input{
redis{
host => "ip"
port => 6379
db => "2"
data_type => "list"
key => "access_log"
type => "access_log"
}
}
filter{
grok{
match => { "messages" => "%{COMBINEDAPACHELOG}"} #logstash 默认组件
}
}
output{
elasticsearch {
hosts => ["ip:9200"]
index => "access_log-%{+YYYY.MM.dd}"
}
}
ab -n 100 -c 10 http://ip:port/index.jsp 100个请求,10个并发