
#===============================================================================
filter {
  # Purpose: split "Matched GET ..." / "Matched POST ..." lines written by the
  # Python routes middleware (samples below come from keystone.log) into
  # api_func / tenant_id / user_id style fields and tag each event by request
  # type. Only events already tagged "routes-generic" are touched.
  #---------------------------------------------------------------------------
  # Parse & tag routes logs (as used by keystone & nova)
  if "routes-generic" in [tags] {
    #-----------------------------------------------------------------------
    # routes GET requests, e.g.:
    # 1) keystone.log: Matched GET /tenants __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    # 2) keystone.log: Matched GET /users __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    # 3) keystone.log: Matched GET /tenants/47942f2dc60d4b88804b8573c0e78d7e/users __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    # 4) keystone.log: Matched GET /tenants/47942f2dc60d4b88804b8573c0e78d7e/users/29f569a2066745659b4fb080ff3b5a67/roles __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    # 5) keystone.log: Matched GET /users/965fbe7ab90d4b1b912f85d4eb34d1cd/credentials/OS-EC2 __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    #
    # Captures: api_func      = first path segment ("tenants", "users", ...)
    #           api_func_path = remainder of the path up to the next space (optional)
    #           message       = everything after the path
    #
    # NOTE(review): the pattern reads "@message" but writes "message". On
    # Logstash releases that keep the event text in "message" there is no
    # "@message" field and this grok would never match - confirm an earlier
    # stage populates "@message".
    # NOTE(review): the pattern is not anchored, so "GET /" is accepted at any
    # offset in the line. The path is client-supplied request data; if it can
    # reach the log with spaces in it, text inside a path could produce this
    # tag and these fields. Anchoring on the "Matched " prefix shown in the
    # samples would narrow that - confirm every wanted line carries it.
    grok {
      match => [
        "@message", "GET /%{DATA:api_func}(/%{DATA:api_func_path})? %{GREEDYDATA:message}"
      ]
      add_tag => [ "routes-get-request" ]
      # Only one pattern is listed, so break_on_match has no visible effect here.
      break_on_match => false
      overwrite => ["message"] # replace message with what is left after the path
      # Empty list: a non-matching event gets no failure tag from this grok.
      tag_on_failure => []
    }
    #-----------------------------------------------------------------------
    # Second stage: split api_func_path further, keyed on api_func.
    if "routes-get-request" in [tags] {
      #-------------------------------------------------------------------
      # Tenants GET requests, e.g.:
      # 1) keystone.log: Matched GET /tenants/47942f2dc60d4b88804b8573c0e78d7e/users __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
      # 2) keystone.log: Matched GET /tenants/47942f2dc60d4b88804b8573c0e78d7e/users/29f569a2066745659b4fb080ff3b5a67/roles __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
      #
      # Captures tenant_id/tenant_func and, when present, user_id/user_func.
      # api_func_path is removed once the grok succeeds.
      # NOTE(review): the pattern is unanchored, so a path with more segments
      # than the pattern describes presumably still matches on its first
      # segments; api_func_path is then removed and the rest of the path is
      # lost from the event. Anchor with ^...$ if whole-path matching is the
      # intent - confirm against real log lines.
      # NOTE(review): an event without api_func_path (sample "GET /tenants")
      # presumably passes through this grok unchanged - verify.
      if [api_func] == "tenants" {
        grok {
          match => [
            "api_func_path", "%{WORD:tenant_id}/%{WORD:tenant_func}(/%{WORD:user_id}/%{WORD:user_func})?"
          ]
          add_tag => [ "routes-tenants-get-request" ]
          break_on_match => false
          remove_field => ["api_func_path"]
          tag_on_failure => []
        }
      }
      #-------------------------------------------------------------------
      # Users GET requests, e.g.:
      # 1) Matched GET /users/965fbe7ab90d4b1b912f85d4eb34d1cd/credentials/OS-EC2 __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
      #
      # Captures user_id/user_func and an optional user_func_detail.
      # user_func_detail uses PROG rather than WORD, presumably because values
      # such as "OS-EC2" contain a hyphen. The unanchored-pattern note on the
      # tenants grok applies to this pattern as well.
      if [api_func] == "users" {
        grok {
          match => [
            "api_func_path", "%{WORD:user_id}/%{WORD:user_func}(/%{PROG:user_func_detail})?"
          ]
          add_tag => [ "routes-users-get-request" ]
          break_on_match => false
          remove_field => ["api_func_path"]
          tag_on_failure => []
        }
      }
      #-------------------------------------------------------------------
    }
    #-----------------------------------------------------------------------
    # Parse & tag routes POST requests
    #-----------------------------------------------------------------------
    # routes POST requests, e.g.:
    # 1) routes.middleware [-] Matched POST /tokens __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
    #
    # Captures api_func (the whole path up to the next space; unlike the GET
    # pattern there is no api_func_path split) and rewrites message.
    # NOTE(review): this grok sits outside the routes-get-request conditional,
    # so it also runs on events the GET grok already matched. api_func is not
    # listed in overwrite; if both patterns match one event, api_func would
    # presumably end up holding two values and the event would carry both
    # request tags - verify, and consider guarding this grok with
    # `"routes-get-request" not in [tags]`.
    # The "@message" and unanchored-pattern notes on the GET grok apply to
    # this pattern too.
    grok {
      match => [
        "@message", "POST /%{DATA:api_func} %{GREEDYDATA:message}"
      ]
      add_tag => [ "routes-post-request" ]
      break_on_match => false
      overwrite => ["message"] # replace message with what is left after the path
      tag_on_failure => []
    }
    #-----------------------------------------------------------------------
  }
  #---------------------------------------------------------------------------
}
#===============================================================================