Logstash 电子邮件从多个日志文件动态发出警报
Logstash email alerts dynamically from multiple log files
我有 logstash 配置文件,我在其中为消息中存在的特定文本编写了邮件警报,然后自动发送一封包含该消息的电子邮件。请找到配置文件(logstash.conf).`
输入{
file {
path => [ "\IP Address\logs/LMS.log.*_bak" ]
start_position => "beginning"
}
}
输出{
elasticsearch {
bind_host => "127.0.0.1"
port => "9200"
protocol => http
}
if "ERROR" in [message] {
email {
from => "logstash.alert@nowhere.com"
subject => "logstash alert"
to => "test.lms@gmail.com"
via => "smtp"
body => "Here is the event line that occured: %{message}"
}
}
}
`
在这里,我没有收到来自 configuration.So 的任何电子邮件,任何人请找到该配置为我提供解决方案,谢谢...
是的,我终于找到了针对消息字段中的任何错误发送电子邮件警报的解决方案。
output {
elasticsearch {
bind_host => "127.0.0.1"
port => "9200"
protocol => http
}
if "ERROR" in [message] {
email {
options => [ "smtpIporHost", "smtp.gmail.com",
"port", "587",
"userName", "test@gmail.com",
"password", "your password",
"authenticationType", "plain",
"starttls","true"
]
from => "<test@gmail.com>"
subject => "logstash alert"
to => "<test@gmail.com>"
via => "smtp"
body => "Here is the event line that occured: %{message}"
}
}
stdout { codec => rubydebug }
}
收到此错误。
logstash_1 | [2017-08-14T07:05:57,056][ERROR][logstash.plugins.registry] Problems loading a plugin with {:type=>"output", :name=>"email", :path=>"logstash/outputs/email", :error_message=>"NameError", :error_class=>NameError, :error_backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:221:in `namespace_lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:157:in `legacy_lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:133:in `lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:175:in `lookup_pipeline_plugin'", "/usr/share/logstash/logstash-core/lib/logstash/plugin.rb:137:in `lookup'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:88:in `plugin'", "(eval):16:in `initialize'", "org/jruby/RubyKernel.java:1079:in `eval'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:60:in `initialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:139:in `initialize'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:277:in `create_pipeline'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:95:in `register_pipeline'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:264:in `execute'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67:in `run'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:183:in `run'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:132:in `run'", "/usr/share/logstash/lib/bootstrap/environment.rb:71:in `(root)'"]}
logstash_1 | [2017-08-14T07:05:57,108][ERROR][logstash.agent ] Cannot load an invalid configuration {:reason=>"Couldn't find any output plugin named 'email'. Are you sure this is correct? Trying to load the email output plugin resulted in this error: Problems loading the requested plugin named email of type output. Error: NameError NameError"}
logstash_1 | 2017-08-14 07:05:57,210 Api Webserver ERROR No log4j2 configuration file found. Using default configuration: logging only errors to the console.
请看一下,如果我们必须做一些额外的配置才能使用电子邮件,请告诉我。
我有 logstash 配置文件,我在其中为消息中存在的特定文本编写了邮件警报,然后自动发送一封包含该消息的电子邮件。请找到配置文件(logstash.conf).`
输入{
file {
path => [ "\IP Address\logs/LMS.log.*_bak" ]
start_position => "beginning"
}
}
输出{
elasticsearch {
bind_host => "127.0.0.1"
port => "9200"
protocol => http
}
if "ERROR" in [message] {
email {
from => "logstash.alert@nowhere.com"
subject => "logstash alert"
to => "test.lms@gmail.com"
via => "smtp"
body => "Here is the event line that occured: %{message}"
}
}
}
` 在这里,我没有收到来自 configuration.So 的任何电子邮件,任何人请找到该配置为我提供解决方案,谢谢...
是的,我终于找到了针对消息字段中的任何错误发送电子邮件警报的解决方案。
output {
elasticsearch {
bind_host => "127.0.0.1"
port => "9200"
protocol => http
}
if "ERROR" in [message] {
email {
options => [ "smtpIporHost", "smtp.gmail.com",
"port", "587",
"userName", "test@gmail.com",
"password", "your password",
"authenticationType", "plain",
"starttls","true"
]
from => "<test@gmail.com>"
subject => "logstash alert"
to => "<test@gmail.com>"
via => "smtp"
body => "Here is the event line that occured: %{message}"
}
}
stdout { codec => rubydebug }
}
收到此错误。
logstash_1 | [2017-08-14T07:05:57,056][ERROR][logstash.plugins.registry] Problems loading a plugin with {:type=>"output", :name=>"email", :path=>"logstash/outputs/email", :error_message=>"NameError", :error_class=>NameError, :error_backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:221:in `namespace_lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:157:in `legacy_lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:133:in `lookup'", "/usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb:175:in `lookup_pipeline_plugin'", "/usr/share/logstash/logstash-core/lib/logstash/plugin.rb:137:in `lookup'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:88:in `plugin'", "(eval):16:in `initialize'", "org/jruby/RubyKernel.java:1079:in `eval'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:60:in `initialize'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:139:in `initialize'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:277:in `create_pipeline'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:95:in `register_pipeline'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:264:in `execute'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67:in `run'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:183:in `run'", "/usr/share/logstash/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:132:in `run'", "/usr/share/logstash/lib/bootstrap/environment.rb:71:in `(root)'"]}
logstash_1 | [2017-08-14T07:05:57,108][ERROR][logstash.agent ] Cannot load an invalid configuration {:reason=>"Couldn't find any output plugin named 'email'. Are you sure this is correct? Trying to load the email output plugin resulted in this error: Problems loading the requested plugin named email of type output. Error: NameError NameError"}
logstash_1 | 2017-08-14 07:05:57,210 Api Webserver ERROR No log4j2 configuration file found. Using default configuration: logging only errors to the console.
请看一下,如果我们必须做一些额外的配置才能使用电子邮件,请告诉我。