Skip to content

Configure for AWS ALB/CLB Logs or Cloudfront #180

@dragosrosculete

Description

@dragosrosculete

Hello,

How do I configure to process ALB/CLB logs
I am trying to use this as a sample config_logstash_http_input_ipv6.yml . I tried so many variation but I have no idea ...

webhook_text_bulk_separator: ","

imports:
- type: grok_patterns
  dir: ./patterns

    #grok_patterns:
    #- 'ELB_ACCESS_LOG'

metrics:
- type: counter
  name: ELB_REQUEST_LINE
  help: Total number of rejected recipients, partitioned by error message.
  match: '%{TIMESTAMP_ISO8601:timestamp} %{NOTSPACE:elb} %{IP:clientip}:%{INT:clientport:int} (?:(%{IP:backendip}:?:%{INT:backendport:int})|-) %{NUMBER:request_processing_time:float} %{NUMBER:backend_processing_time:fl
oat} %{NUMBER:response_processing_time:float} %{INT:response:int} %{INT:backend_response:int} %{INT:received_bytes:int} %{INT:bytes:int} %{ELB_REQUEST_LINE}'
  labels:
    error_message: '{{.message}}'

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions