openstack/openstack-ansible-ops
Code Issues Proposed changes

Merge "Use correct parsed timestamp"

Browse Source
This commit is contained in:
Zuul 2018-09-24 19:52:59 +00:00 committed by Gerrit Code Review
commit fb46c5a0f9
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
elk_metrics_6x/templates/logstash-pipelines.yml.j2
View File

@ -183,7 +183,10 @@
"^%{CISCOTIMESTAMP:journalddate}%{SPACE}%{SYSLOGHOST:host}%{SPACE}%{SYSLOGPROG:prog}%{SPACE}%{TIMESTAMP_ISO8601:logdate}%{SPACE}%{NUMBER:pid}%{SPACE}%{NOTSPACE:loglevel}%{SPACE}%{NOTSPACE:module}%{SPACE}%{GREEDYDATA:logmessage}" "^%{CISCOTIMESTAMP:journalddate}%{SPACE}%{SYSLOGHOST:host}%{SPACE}%{SYSLOGPROG:prog}%{SPACE}%{TIMESTAMP_ISO8601:logdate}%{SPACE}%{NUMBER:pid}%{SPACE}%{NOTSPACE:loglevel}%{SPACE}%{NOTSPACE:module}%{SPACE}%{GREEDYDATA:logmessage}"
] ]
} }
add_field => { "received_at" => "%{@timestamp}" } }
date {
match => [ "logdate", ISO8601 ]
remove_field => [ "logdate" ]
} }
if "nova" in [tags] { if "nova" in [tags] {
mutate { mutate {