138 lines
5.5 KiB
Plaintext
138 lines
5.5 KiB
Plaintext
input {
|
|
tcp {
|
|
port => 5555
|
|
codec => json
|
|
}
|
|
}
|
|
|
|
filter {
|
|
|
|
grok {
|
|
match => { "message" => "\[%{WORD:tenant}\]" }
|
|
}
|
|
grok {
|
|
patterns_dir => ["/etc/logstash/patterns"]
|
|
match => {"message" => "userId\s*=\s*(%{USER:user})"}
|
|
tag_on_failure => []
|
|
}
|
|
translate {
|
|
field => "X-Operation-Name"
|
|
destination => "category"
|
|
dictionary => {
|
|
"ProductResource.getAllProductsWithDescriptionAndTechnicalId" => "product"
|
|
"ProductResource.importAll" => "product"
|
|
"ProductResource.getAutoCompletOpt" => "product"
|
|
"ProductResource.createProductsPair" => "product"
|
|
"ProductResource.getProduct" => "product"
|
|
"ProductResource.assignProduct" => "product"
|
|
"ProductResource.deleteProduct" => "product"
|
|
"ProductResource.getAllProducts" => "product"
|
|
"ProductResource.getEsProducts" => "product"
|
|
"ProductResource.countProducts" => "product"
|
|
"ProductResource.createProduct" => "product"
|
|
"ProductResource.unassignProduct" => "product"
|
|
"ProductResource.updateProductsPair" => "product"
|
|
"ProductResource.updateProduct" => "product"
|
|
"SimCardResource.searchSimCardsInEs" => "sim"
|
|
"SimCardResource.getDataLimit" => "sim"
|
|
"SimCardResource.getDataLimitBalance" => "sim"
|
|
"SimCardResource.countSimCards" => "sim"
|
|
"SimCardResource.getAllSimCards" => "sim"
|
|
"SimCardResource.getSimCard" => "sim"
|
|
"SimCardResource.getUsage" => "sim"
|
|
"SimCardResource.getSimCardStatistics" => "sim"
|
|
"SimCardResource.simCardPing" => "sim"
|
|
"SimCardResource.getSimNetworkStatusGroupedByCountry" => "sim"
|
|
"SimCardResource.importSimCardByCSV" => "sim"
|
|
"SimCardResource.getLiveUsage" => "sim"
|
|
"SimCardResource.provisionSimCard" => "sim"
|
|
"SimCardResource.updateSimCards" => "sim"
|
|
"SimCardResource.getAllSimCardsByProdInstaParam" => "sim"
|
|
"SimCardResource.syncDbWithEs" => "sim"
|
|
"SimCardResource.setDataLimit" => "sim"
|
|
"SimCardResource.updateSimAfterNetworkEvent" => "sim"
|
|
"SimCardResource.getTotalUsage" => "sim"
|
|
"SimCardResource.validateSimCSV" => "sim"
|
|
"SimCardResource.simCardLocationReset" => "sim"
|
|
"SimCardResource.exportCSV" => "sim"
|
|
"SimCardResource.getSimCardForNotifications" => "sim"
|
|
"SimCardResource.provisionSimCardByCSV" => "sim"
|
|
"SimCardResource.updateSimCard" => "sim"
|
|
"SimCardResource.getAutoCompletOpt" => "sim"
|
|
"SimCardResource.createSimCard" => "sim"
|
|
"SimCardResource.getSimsForProvision" => "sim"
|
|
"TechnicalProductResource.updateTechnicalProduct" => "technical_product"
|
|
"TechnicalProductResource.createTechnicalProduct" => "technical_product"
|
|
"TechnicalProductResource.deleteTechnicalProduct" => "technical_product"
|
|
"TechnicalProductResource.getAllTechnicalProducts" => "technical_product"
|
|
"TechnicalProductResource.getTechnicalProduct" => "technical_product"
|
|
"OrderResource.getOrders" => "order"
|
|
"OrderResource.update" => "order"
|
|
"OrderResource.simCardAction" => "order"
|
|
"OrderResource.moveToSimCardBillingAccount" => "order"
|
|
"OrderResource.getFailedItemsForOrders" => "order"
|
|
"OrderResource.fillOrderWithSimCards" => "order"
|
|
"OrderResource.createSimOrder" => "order"
|
|
"OrderResource.getBatchFileForOrders" => "order"
|
|
"OrderResource.changeStatus" => "order"
|
|
"OrderResource.getOrder" => "order"
|
|
"OrderResource.batchOperation" => "order"
|
|
"OrderResource.getOrderStatus" => "order"
|
|
"OrderResource.getBatchOrders" => "order"
|
|
"OrderResource.changeSimCardPlan" => "order"
|
|
"CustomerProfileResource.updateCustomFields" => "customer"
|
|
"CustomerProfileResource.createBillingAccount" => "customer"
|
|
"CustomerProfileResource.updateUser" => "customer"
|
|
"CustomerProfileResource.getCustomers" => "customer"
|
|
"CustomerProfileResource.deleteFile" => "customer"
|
|
"CustomerProfileResource.getUsers" => "customer"
|
|
"CustomerProfileResource.saveContract" => "customer"
|
|
"CustomerProfileResource.endTrialPeriod" => "customer"
|
|
"CustomerProfileResource.uploadFileForAccount" => "customer"
|
|
"CustomerProfileResource.sendOnboardingDetails" => "customer"
|
|
"CustomerProfileResource.extendTrialPeriod" => "customer"
|
|
"CustomerProfileResource.assignUploadedFiles" => "customer"
|
|
"CustomerProfileResource.uploadFile" => "customer"
|
|
"CustomerProfileResource.getCurrentContactAddress" => "customer"
|
|
"CustomerProfileResource.getBatchFileForOrders" => "customer"
|
|
"CustomerProfileResource.updateBillingAccount" => "customer"
|
|
"CustomerProfileResource.deleteBillingAccount" => "customer"
|
|
"CustomerProfileResource.getCustomFields" => "customer"
|
|
"CustomerProfileResource.createUser" => "customer"
|
|
"CustomerProfileResource.getBillingAccounts" => "customer"
|
|
"CustomerProfileResource.updateAssignedPlansProducts" => "customer"
|
|
"CustomerProfileResource.deleteUser" => "customer"
|
|
"CustomerProfileResource.getDocuments" => "customer"
|
|
"CustomerProfileResource.acceptContract" => "customer"
|
|
"CustomerProfileResource.updateContactAddress" => "customer"
|
|
"CustomerProfileResource.getContract" => "customer"
|
|
"CustomerProfileResource.getAssignedPlansProducts" => "customer"
|
|
"CustomerProfileResource.processAccount" => "customer"
|
|
"CustomerProfileResource.getContactAddress" => "customer"
|
|
"CustomerProfileResource.rejectContract" => "customer"
|
|
}
|
|
fallback => "unknown"
|
|
}
|
|
dissect {
|
|
mapping => {
|
|
"message" => "%{?drop} payload=%{payload_json}, %{?drop}"
|
|
}
|
|
}
|
|
#json {
|
|
# source => "payload_json"
|
|
# target => "payload_object"
|
|
# }
|
|
|
|
}
|
|
|
|
output {
|
|
elasticsearch {
|
|
hosts => ["http://10.12.174.15:9200","http://10.12.174.16:9200","http://10.12.174.17:9200"]
|
|
user => "logstash_internal"
|
|
password => "vK54tBEFUZaKBVtwsmlHksbr07Rm8cTn"
|
|
index => "audit-logs-7"
|
|
}
|
|
# file { path => "/home/ubuntu/auditlogs-test-logstash"}
|
|
}
|
|
|