配置kibana Ingest Pipelines 处理器 spring-logback-proc
process spring logback log key filed to index 针对spring boot logback日志信息进行关键字段提取到elaticsearch

process spring logback log key filed to index 针对spring boot logback日志信息进行关键字段提取到elaticsearch

处理器名称: spring-logback-proc

PUT _ingest/pipeline/spring-logback-proc
{
  "description": "process spring logback log key filed to index",
  "processors": [
    {
      "grok": {
        "field": "message",
        "patterns": [
          "%{TIMESTAMP_ISO8601:logtime}%{SPACE}\\[%{WORD:trace.id}\\]%{SPACE}\\[%{DATA:thread_name}\\]%{SPACE}%{LOGLEVEL:log.level}%{SPACE}%{DATA:log.logger}%{SPACE}\\-%{SPACE}",
          "%{TIMESTAMP_ISO8601:logtime}%{SPACE}\\[%{DATA:thread_name}\\]%{SPACE}%{LOGLEVEL:log.level}%{SPACE}%{DATA:log.logger}%{SPACE}\\-%{SPACE}"
        ],
        "ignore_missing": true
      }
    },
    {
      "date": {
        "field": "logtime",
        "formats": [
          "yyyy-MM-dd HH:mm:ss.SSS"
        ],
        "timezone": "Asia/Shanghai"
      }
    }
  ]
}

对应的Logback 日志格式

%d{yyyy-MM-dd HH:mm:ss.SSS} [%X{traceId}] [%thread] %-5level %logger{50} - %msg%n

发布时间:2023-12-23 14:54:29 关键词:kibana 浏览量:0