Logstash_Apache日志采集

[root@Cagios logstash-2.1.0]# cat /usr/local/logstash-2.1.0/logstash_agent.conf 
input {
  file {
    type => "apache_access"
    path => ["/var/log/httpd/access_log"]
  }
}

filter {
  grok {
    match => {"message" => "%{COMBINEDAPACHELOG}"}
  }
}

output {
  stdout {codec => rubydebug }
  redis {
    host => '192.168.55.133'
    data_type => 'list'
    key => 'logstash:redis'
  }
}

# 采集到的日志格式

{
        "message" => "192.168.55.1 - - [08/Dec/2015:12:35:21 +0800] "POST /zabbix/jsrpc.php?output=json-rpc HTTP/1.1" 200 64 "http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36"",
       "@version" => "1",
     "@timestamp" => "2015-12-08T04:35:21.342Z",
           "host" => "0.0.0.0",
           "path" => "/var/log/httpd/access_log",
           "type" => "apache_access",
       "clientip" => "192.168.55.1",
          "ident" => "-",
           "auth" => "-",
      "timestamp" => "08/Dec/2015:12:35:21 +0800",
           "verb" => "POST",
        "request" => "/zabbix/jsrpc.php?output=json-rpc",
    "httpversion" => "1.1",
       "response" => "200",
          "bytes" => "64",
       "referrer" => ""http://192.168.55.132/zabbix/hostgroups.php?sid=ec7705df8ce1f99f"",
          "agent" => ""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36""
}