Logstash zabbix 插件
zabbix 监控 logstash
安装社区扩展包wget http://download.elasticsearch.org/logstash/logstash/logstash-contrib-1.4.2.tar.gz解压后覆盖 /usr/local/logstash-1.4.2/
配置Zabbix监控host
创建一个组
创建监控的主机
配置需要监控的主机参数
新建应用
新建监控项
配置监控项
查看主机状态
查看监控项状态
测试sender
登陆客户端(已安装完agent)
/usr/local/zabbix-2.2.2/bin/zabbix_sender -z 192.168.124.132 -vv -s "Zabbix client" -k key.log.error -o "hello word"
-z (zabbix server address)
-vv (详细信息)
-s (被监控的主机名)
-k (item 项名称)
-o (发送内容)
查看Zabbix Server 接收到的信息
测试已成功,可以配置 logstash.conf
logstash 客户端配置文件
input { file { #定义一个标示 type => "zabbix_log" path => [ "/var/log/zabbix.test.log"] start_position => beginning } } filter { grep { #过滤指定标示 type => "zabbix_log" match => [ "message", "(error|ERROR|CRITICAL)" ] #选择标示为"zabbix-sender"的事件处理 add_tag => [ "zabbix-sender" ] add_field => [ #配置主机和监控项 "zabbix_host", "Zabbix client", "zabbix_item", "key.log.error" ] } } output { redis{ host =>"192.168.124.128" data_type => "list" key => "logstash" } stdout { codec => rubydebug } zabbix { # only process events with this tag tags => "zabbix-sender" # specify the hostname or ip of your zabbix server # (defaults to localhost) host => "192.168.124.132" # specify the port to connect to (default 10051) port => "10051" # specify the path to zabbix_sender # (defaults to "/usr/local/bin/zabbix_sender") zabbix_sender => "/usr/local/zabbix-2.2.2/bin/zabbix_sender" } }
测试:
echo "error:test zabbix">>/var/log/zabbix.test.log
这样logstash 使用 zabbix 插件算是通了