- 积分
- 16843
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
vim /etc/filebeat/filebeat.yml : s2 I6 ^+ s2 g/ Y
8 |4 |. ]0 o7 } F
9 Y1 h/ g( U. m$ t# I1 P) F& V; S S% S; D) U
filebeat.inputs:
! u* ~: i) k! y7 Z" H. D0 q - type: log9 c( ?: |7 f2 I: t3 T9 M0 w# W
enabled: true
$ ^/ M H- x4 p4 y# p paths:
! u* N# Y2 J; n* {, t - /var/log/messages
7 G, [+ W" ]* K9 M0 Q( j tags: ["messages"]
& [4 U$ E* g2 x fields_under_root: true
* M+ d" K' \9 V: r
6 C# |! L/ [, m; ^5 r! C - type: log
}5 B1 `$ I6 D3 r" `4 G5 \ enabled: true6 Z( ~3 N" G7 H7 q" ]2 s
paths:
6 r; |! a/ |& U; t" o) }. ? - /var/log/nova/nova-compute.log
5 M9 S% L6 s, d# H1 Q tags: ["nova-compute"]( B: X5 m% r! @4 I
fields_under_root: true4 X( K/ K3 i, B( L1 p4 n
6 t# u) ~2 Q' j/ F; D" l0 _
- type: log/ F2 S9 D. Z/ e: N# n
enabled: true
2 |; v1 p8 w$ v' }6 Z5 C5 P paths:
! l c" e: u: e$ \' g - /var/log/nova/nova-manage.log- X2 c; b' v# a3 H1 n, Y' b
tags: ["nova-manage"]
/ r; y1 U; L1 O. Z6 @ fields_under_root: true
. z+ T7 s9 D* T" O2 t" w4 R( k" q6 Z( P) @1 z" }: U- V
- type: log% C3 t$ r4 c8 H
enabled: true
5 e7 z9 H3 l m& r, o. U5 z" D paths:, p( g3 q+ I$ N1 r- r) s& ^
- /var/log/nova/scheduler.log
7 U% |% c3 f$ R6 i1 u- v: | tags: ["scheduler"]% [# x; g% G9 M* _- m/ K
fields_under_root: true
; z6 T5 z& n, [" E1 n5 n3 f! i ]% N) E6 s/ _
- type: log
& A2 u: \% M7 ]& O/ s& c6 | enabled: true
* m3 i9 d5 w& c" V7 [3 k* E0 J paths:, S/ O* e j% C( I
- /var/log/nova/conductor.log
1 M4 c4 Q c! }. M' c' C' @ tags: ["conductor"]# y+ Y6 m4 J% N1 o' H
fields_under_root: true
1 B) r- I) ~8 }6 g: K
9 S# d: ?5 U" P& _4 O9 U z0 t: A - type: log- F; H' P) U5 i: G c4 Y
enabled: true& M( ^' B( i. N: G, _
paths:' i; F) P5 `' O# p& w- a( S# A6 p
- /var/log/nova/cert.log
- @+ |1 C- m9 t9 t tags: ["cert"]8 J. R% B9 [/ @5 k0 A
fields_under_root: true
# o9 g* C" L' z7 o# k2 \' K
; ` n- ~) l, h. {: \& | - type: log! Y x8 L, F2 z) @6 O( C1 N
enabled: true5 s, }% L# \* H4 n2 T4 P! q
paths:
# \% j/ ?/ P2 N/ D. H" s" G9 | - /var/log/nova/consoleauth.log ! Z X! u, L$ W# ?. `$ }, b* D
tags: ["consoleauth"]2 O( t; F5 ^& L* [9 G1 B
fields_under_root: true& W7 L( Z0 e( N. y
6 X& N8 W7 A$ F! [/ w; [/ O - type: log2 T( f0 I% p% y }) e: E
enabled: true
9 M% k! f& [& Y) q( m6 `& g paths:
4 l7 E" W8 k) B% T/ r7 Y3 x" @ - /var/log/nova/nova-novncproxy.log, H: J: O2 J6 x8 O$ ^1 v' u( ~1 w3 z
tags: ["nova-novncproxy"]* Z/ ]* D7 Z% I$ q- ~$ X( f* D" g
fields_under_root: true# Q2 O4 `1 t+ f2 q
. I* @8 r0 b1 U6 ^/ H( r4 q
- type: log; F$ P6 }8 C. w4 M/ N
enabled: true
: q: k& u% l2 o* R paths:2 i9 J# m; b; ?; Y8 ]( I
- /var/log/rabbitmq/rabbit*.log- ?0 g+ W* B9 X1 m
tags: ["rabbit"]/ i( g2 J" {% c6 R
fields_under_root: true1 C3 L0 t3 J1 V3 Z
, ^1 \! j: o* j* f* k$ O - type: log7 I$ o% C4 Y! H8 U6 z8 b
enabled: true* c, v1 K: y& @; }# q- [ J- q
paths:
5 k/ J8 @0 @- Z - /var/log/glance/*.log5 h4 G6 _, O; f+ o. c
tags: ["glance"]
r' z% @, G1 j3 C fields_under_root: true0 o1 h, i7 \5 ^0 a
`: f1 W/ k4 J9 i0 e - type: log
4 R7 ~$ m- }5 x6 P, f3 F7 @ enabled: true
1 c3 [' D( t8 g0 z2 ~3 c3 e paths:" b9 k+ p. l1 l9 w2 K) v
- /var/log/neutron/openvswitch-agent.log
- ?. R* R( K! I- k+ r! B% c$ K tags: ["openvswitch-agent"]( y' L' R& u5 g6 a5 i
fields_under_root: true
7 g; I5 F% {/ f( y" y$ n& _; ~# e- i" H- B3 k U
- type: log3 A1 f3 M* F9 m) n% ?4 s/ ~% ]
enabled: true# W' E/ E" l/ p+ j# J1 ^
paths:
% J7 u! s9 I' e! k$ f$ r/ L - /var/log/kuryr/kuryr-controller.log0 O3 F, d) f0 z" @8 F6 T' x1 N$ C
tags: ["kuryr-controller"]: F# T, n: g! s
fields_under_root: true
# N$ G* U7 J3 V6 k" e% H9 F5 s! |/ P, } e- M9 B! y
- type: log
b, E" d" i" m) j# @9 g) T enabled: true
) u, C; u( |" p/ S; ~9 z& \5 r; A1 \ paths:2 ~" C6 E- E9 v
- /var/log/keystone/keystone.log* P; ^- v- k7 R H
tags: ["keystone"]) t2 P( C8 R- T
fields_under_root: true: O+ {% l. W+ ~3 o
9 G I; F }6 ]& F
output.elasticsearch:
7 r; i2 R6 X% X5 g hosts: ["172.24.110.125:9200", "172.24.110.127:9200"]
7 y) W; ^) S3 u3 U5 |/ n, \! r0 Q7 O' N! @
username: elastic6 {6 g2 C- K) y$ ~. p
password: Cxxxx
4 z6 s0 o1 H1 n7 s" y% R indices:1 h: `0 v% m# q1 Y4 s5 k( Q
- index: "compute_messages-error-%{[agent.version]}-%{+yyyy.MM.dd}"
& I$ t# P: o; g& f8 C5 D when:
' D; }' c! |) w or:
) d6 x$ Q+ }: o5 G, K2 r$ z1 `( A - contains:8 t( D* I; q& ~. a) f
tags: "messages"! d1 q. ]5 a+ P3 Y
message: "err"0 k# H) y* p4 ^/ [ q
- contains:
8 M' h$ U* M$ v3 Y6 D n tags: "messages"
& y) k( \* K; x/ I& L h- w; \ message: "ERR"1 c, D$ c2 m" H" g
- contains:
3 ~1 a& i9 I$ z/ M0 p& h tags: "messages"% [$ h: d- Z6 N
message: "fail"9 S. |$ X9 i2 }% L; z$ h i9 Y
- index: "compute_messages-%{[agent.version]}-%{+yyyy.MM.dd}"
3 c5 |& F! A$ E+ S$ [, y when.contains:& G; x' t' K5 w# W) q- p+ [
tags: "messages"3 U- t1 } J: ~" g, ]2 s" S
- index: "compute_nova-compute-error-%{[agent.version]}-%{+yyyy.MM.dd}"! {; ^# O7 c" U# ^
when:, B( `7 _2 |3 r% U! a( O
or:
5 f9 y& M+ S! u# P - contains:, i5 S( W* p& p1 y! J0 s4 J: |! I+ J
tags: "nova-compute"
6 O; v* t. r( T P' A message: "err"
5 g8 U( W1 `7 h, I* c! Y, n - contains:
, ?- a p, `9 Y& V. J; V9 \ tags: "nova-compute"6 @! h( @6 j$ U; B* N
message: "ERR"* H# C3 U9 m/ G% x4 [$ u8 Z' k
- contains:5 a$ Q g# C" h$ n) n; g+ U
tags: "nova-compute"
) x# q6 e# o' |( K7 j$ U7 N5 T. Y message: "fail"$ D Z, [3 M0 z
- index: "compute_nova-compute-%{[agent.version]}-%{+yyyy.MM.dd}"( H3 G' i& U7 P. A& X
when.contains:
. E, \8 b0 b D" w7 }) M" s tags: "nova-compute"
: U( @7 D6 f) z9 m( f( V" R) X7 }* j1 h- x# g7 s9 I7 ^) U- F
- index: "controller_nova-manage-error-%{[agent.version]}-%{+yyyy.MM.dd}"
1 D% g+ U+ c- K# J7 J. I% _5 F when: [3 Y0 K! `! k' k7 O5 F" B
or:
& s, X2 |1 l' g$ l4 L8 f - contains:
1 z) h! [/ o; k; J tags: "nova-manage"
* m/ ?3 R% {% H! F* ] message: "err", S8 r. n6 E5 F
- contains:% C. ?% C2 s4 \- X8 b! E
tags: "nova-manage"3 @ e% S/ V. o/ p7 I# b/ @
message: "ERR"2 b1 t; B2 y% \
- contains:* }% z1 O# F) ~+ O; r/ B
tags: "nova-manage"
3 M) R- k, v$ r, I; P! l. { message: "fail"
% [( v4 [. e( m2 k7 J - index: "controller_nova-manage-%{[agent.version]}-%{+yyyy.MM.dd}"
b3 ^2 Q, g, F9 B3 J/ x5 m when.contains:
j. O* L2 }3 W; Z tags: "nova-manage"
. h# {- U0 D8 ?3 w
) {9 i( X+ i4 j, D% ^4 ]% U& t - index: "controller_scheduler-error-%{[agent.version]}-%{+yyyy.MM.dd}"( U9 A0 U( |) F
when:
; ^. D* [, F( Y+ s! a; q& K or:3 m( X2 {4 y& l+ G& Q! I6 g
- contains:( B" Z0 s7 A) x7 y9 x- q
tags: "scheduler"4 [0 y p: s* J# P! X0 x' k
message: "err"
* h) J8 h# C: v - contains:/ K" w1 m t) V; x9 t
tags: "scheduler"% l. K) `/ U# P, {" Y% F+ [4 X
message: "ERR"
: `% P6 Y9 ]% c' s - contains:
) Q" K; J! W1 @, c* ?& ]9 Z tags: "scheduler"
! l g1 P* u9 b2 l' ] message: "fail"$ S# z) S, x- ?: R U9 E
- index: "controller_scheduler-%{[agent.version]}-%{+yyyy.MM.dd}"
/ h9 y( V, g& ]" t* d when.contains:
! x5 Y) P$ A+ i/ a/ s- Z: a tags: "scheduler"
& Y5 R0 H* a# [. ~, v7 z# i
- r/ h: [/ k3 C- Z" _4 j, ` - index: "controller_conductor-error-%{[agent.version]}-%{+yyyy.MM.dd}"9 B1 Y0 N0 K5 u& D8 T# y
when:$ y. x! J% C8 v% O
or:
' @2 ~/ }9 e- Y+ t' ^3 o - contains:+ N$ u* [1 W" _- I! |
tags: "conductor": \) ~2 z: U: c& ?
message: "err"
$ y1 C/ M8 V1 r5 P. @ - contains:
7 u) E j: V6 Y' p/ l8 F tags: "conductor"/ D+ ^+ d% b$ Y0 u9 w+ D
message: "ERR"
& e) O$ @- T4 t) @ - contains:5 a1 @2 m2 T- r5 ~, C2 g
tags: "conductor"
9 N$ d7 J5 ^; v: m; I( r message: "fail" X. l2 O- G. p! V
- index: "controller_conductor-%{[agent.version]}-%{+yyyy.MM.dd}"
, C) w7 R% k i9 O+ m6 E9 F/ f" S9 q when.contains:; Q4 O, a. F9 `% n" P6 P
tags: "conductor"
8 _1 ], \# ]9 N0 b Q9 r/ {
( @" ^6 c6 d' j8 P5 r0 @% S1 m - index: "controller_cert-error-%{[agent.version]}-%{+yyyy.MM.dd}"
. s$ m2 D1 F9 X; G when:5 u+ V4 B! I; O8 l* d2 g
or:
- K: w& N. a% v( n# {6 ]6 l - contains:# A+ r4 u0 a5 ^8 R! ~
tags: "cert"
" I1 q/ N6 D8 m/ U! ~ message: "err"* o, A; t, r$ E F# @: r) C$ D
- contains:
0 @; t& \' `! l tags: "cert"
( b7 g- M4 V# X: P message: "ERR"5 L6 \* X3 l' W1 J; \
- contains:6 o: V3 b# y6 |: @, C! v
tags: "cert"7 e% K& L6 Z0 k: }) t: N) ^% B& B
message: "fail"
/ V; v) t6 D& |5 ~3 n8 ^3 u - index: "controller_cert-%{[agent.version]}-%{+yyyy.MM.dd}"
1 A7 h, c: X5 [( E3 ~2 {: Y# b when.contains:. J5 E7 z& [+ p/ v3 n* Y1 \5 u
tags: "cert"9 Q$ S) |7 w& D
$ A: ^* x) L( V+ ~+ i! v
- index: "controller_consoleauth-error-%{[agent.version]}-%{+yyyy.MM.dd}"
- D8 I, K% @, u( U( C& l% }3 {. Z0 R when:
4 U9 r' ]5 J* D3 Y% Q or:5 e3 e& j" c6 w, n0 O* i7 n
- contains:, C7 D) G, \7 E, u) f! `0 ~
tags: "consoleauth"( P! f, F* t" R& z" M: m; w
message: "err": o! V$ l( t2 x- W) b
- contains:, K+ I( H X1 m* `. ?
tags: "consoleauth" ^8 E, A* ?$ ~; e m+ y( c
message: "ERR"
% a+ I1 W4 }% K3 {! i - contains:
* y# P. i9 r7 F; R. t3 @% K6 y tags: "consoleauth"
2 e% p8 y9 C7 _ message: "fail"
/ U1 U+ ]% ~0 A5 g4 r" @* A - index: "controller_consoleauth-%{[agent.version]}-%{+yyyy.MM.dd}" O( e- P% s O4 q+ s
when.contains:3 p9 G7 S% B( {4 _2 i: O
tags: "consoleauth"
+ m/ Z: [1 x0 u& X5 K2 e
1 _1 y( l0 x- h - index: "controller_nova-novncproxy-error-%{[agent.version]}-%{+yyyy.MM.dd}"1 I1 Q) i# I7 ^: ]
when:4 t: ?. o6 A7 L( M; Z# V8 J. B
or:2 _$ t/ \4 F( R7 k
- contains:$ p" t8 R ^! x7 x! n& v" k" j; x
tags: "nova-novncproxy"
2 ^. x: ^4 \# V# A* t; I% U message: "err"
' P% P, _" `* [ - contains:4 h `# e4 f$ B- \: R
tags: "nova-novncproxy"
8 R1 M% r) |) s* [3 T message: "ERR"% ^/ R: ]/ A1 j3 g% `9 I3 r
- contains:
% b* |8 v. m/ M# Q, w tags: "nova-novncproxy"
4 U' J( n" s5 Q n0 I message: "fail"
; u: F! _# ^/ H9 Q% Q g; s c - index: "controller_nova-novncproxy-%{[agent.version]}-%{+yyyy.MM.dd}"( Y3 p; D5 M5 B( e7 N
when.contains:
3 `6 u4 f2 m8 H tags: "nova-novncproxy"% \; s' |4 u6 J4 n
& g# B, I& T8 X( m) M - index: "controller_rabbit-error-%{[agent.version]}-%{+yyyy.MM.dd}"
$ O9 K, Z! X( p8 p, } when:
: `6 i! I" A) K8 Y# O4 q or:
! f) O& w1 z& e2 G - contains:
3 ^' ~+ a# i! X) |2 X tags: "rabbit"
5 ^" P4 N! D$ `& i7 U, b% W7 r message: "err"
; f. l( \: S) _; N9 E - contains:( R! h q/ h$ y' l# }) C
tags: "rabbit"0 m7 B$ k H8 |9 _9 x) H6 j
message: "ERR"- x8 s0 n/ [ U. L) ]# ?$ R, m
- contains:
' O& H: P( N' |: k4 a, k: L tags: "rabbit"
# @$ s# X, K8 S! J3 T4 v+ ^ message: "fail"
$ I. O$ m8 X/ b$ x! h - index: "controller_rabbit-%{[agent.version]}-%{+yyyy.MM.dd}"6 K4 U2 W; |& S* }: _
when.contains:3 I5 s5 F) v1 j) U/ R0 q$ }- i* h/ \. |; @- H
tags: "rabbit"
% Y( ^4 y% ]- T0 O5 g" H9 E2 K& \& b4 q& I
- index: "controller_glance-error-%{[agent.version]}-%{+yyyy.MM.dd}"
% P' l7 x' r& u# y when:
( j3 `% I' k/ g" S- N; r' K4 E or:8 _5 A: D0 O4 E- l
- contains:
( e9 M7 l! k' f& P0 G$ ?% s tags: "glance"
: o! p6 O$ l' a( x8 ^9 P& X! v message: "err"! V7 i* i$ V3 D. V( I1 K" B0 q
- contains:
5 O2 {* L; D: m9 b6 B tags: "glance"
; |- d9 p+ z; c: G( F: D+ y message: "ERR"
2 g& ~4 e' T% q3 |& ^7 K7 ]/ F - contains:6 L' z3 ?) q0 ^7 q3 m
tags: "glance", q# B" {7 G; _. j9 x$ @8 @ o
message: "fail"
3 g" ]- C! m1 L/ z - index: "controller_glance-%{[agent.version]}-%{+yyyy.MM.dd}"! L Z' i G3 L6 @1 d! D
when.contains:& Y7 c$ n, g) h7 @
tags: "glance"
1 o+ \/ S# H2 j8 Y E* C4 E; M+ h, x( k. ?
- index: "controller_openvswitch-agent-error-%{[agent.version]}-%{+yyyy.MM.dd}"7 M. z- S3 P1 ]4 [
when:; V B m% e$ j$ b) z
or:6 X- I y1 `, Y/ h! t
- contains:2 E" Z1 S& _! r- G+ ]/ q5 l: W6 T) |
tags: "openvswitch-agent") V" D+ ~4 X1 O% i; ]+ q
message: "err"
- t2 a& J5 o3 ` - contains:+ V8 S) s% F1 C% z, ^0 j
tags: "openvswitch-agent"
7 L3 l2 |2 q& P1 J' {. G message: "ERR"
' w; p" u* G4 y - contains:0 F: D) o; l; X) d/ O* J3 u
tags: "openvswitch-agent"
9 A5 T/ `# q4 r message: "fail"
$ X7 M Z; ] N- E8 e' ~ - index: "controller_openvswitch-agent-%{[agent.version]}-%{+yyyy.MM.dd}"
2 d* c, [8 k e; ~! R* }! n. [ when.contains:; z, ]( ~6 ?6 {: m8 {* i' v* w: D
tags: "openvswitch-agent"( w, z1 p: F1 Z6 M1 a
3 L* D) c4 o8 H0 Z' ^, l9 {
- index: "controller_kuryr-controller-error-%{[agent.version]}-%{+yyyy.MM.dd}"
) j5 _2 m% t( S+ Y" F% g6 N! ^4 U% t when:5 [( \! |! ^" a5 u" |* P( d+ t
or:- {5 q; P! p [
- contains:
/ Y& h8 K5 \0 ]9 \0 C. E# I9 ` tags: "kuryr-controller"
. g* J: ~$ E, G6 \ message: "err"' O. N) `: r" A2 `4 V/ o% J' ]
- contains:
5 T. a$ q: v# L; d; H+ d1 T3 l tags: "kuryr-controller"
2 y' l) B2 m$ V- H5 r( ]. E message: "ERR"
; j- {+ M" ~, [0 c$ S% w - contains:& K7 e; x5 M8 o! `4 w/ K6 c
tags: "kuryr-controller"2 l: |. D' ~3 d5 W
message: "fail"5 C% U1 A! H* s' Y
- index: "controller_kuryr-controller-%{[agent.version]}-%{+yyyy.MM.dd}"' b" j4 P1 [7 R; l, s
when.contains:" D/ w6 [6 x$ D8 U
tags: "kuryr-controller"% n+ I3 X; ^; \5 Q9 P& x
5 E+ r; i. T3 N, T
- index: "controller_keystone-error-%{[agent.version]}-%{+yyyy.MM.dd}"
, x1 f) _* R; B( J+ E" l3 g when:2 j. A2 _) V$ l* B" v& w7 h, O: i
or:0 [3 w& T, {7 K h
- contains:& K, Y" I4 } P5 W: y6 f- K
tags: "keystone"
" j* j% X6 E; ~2 T! M( o- { message: "err"
; O. j. t- U) h9 G! t1 n - contains:. M% b3 h3 F2 l7 B1 D" Y) u6 q! F
tags: "keystone"* n" z" f' O, _8 U3 ]8 F, [7 L) @
message: "ERR"
6 _8 o4 o8 G5 h7 W) f - contains: ` Z4 @1 N; p) c3 n# t+ u2 @' }7 d
tags: "keystone"
9 X, o8 ?$ ^8 r3 [$ J message: "fail"
4 V" B# d4 R' d - index: "controller_keystone-%{[agent.version]}-%{+yyyy.MM.dd}"
3 h3 _6 i U) C4 t& a" P when.contains:+ s7 j7 m8 m5 I7 _
tags: "keystone"
* y- H1 N1 `9 T/ h7 ?( a) o8 j5 n
: Q1 v& n+ B# m \1 K% vsetup.ilm.enabled: false/ \ u7 c2 v3 f6 m: S- j7 i4 E4 z0 r
setup.template.name: system7 {, M A) q6 D5 ~& K6 n7 ~
setup.template.pattern: system-*1 P0 `2 O) j- g, w P4 K
$ E+ ]! I# r# _4 A! ?& C/ P& C; U9 aYou have new mail in /var/spool/mail/root
) ?6 o2 s' g. p& z3 q
& G L: {# z2 t+ i; X3 ^& H- w! g: X" Z& |9 t+ n5 k# [' N
|
|
/4 
|返回首页|Archiver|小黑屋|易陆发现技术论坛
( 蜀ICP备2026014127号-1 )
窥视卡
雷达卡
发表于 2024-10-31 17:23:37
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜