Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

haproxy

https://support.nagios.com/forum/viewtopic.php?t=45053

Page 1 of 1

haproxy

Posted: Mon Aug 07, 2017 11:45 pm
by pccwglobalit
we want to filtering haproxy tcp log, can we use the below filter?

Code: Select all

if [program] == 'haproxy' {
        grok {
            match => [ 'message', '%{HAPROXY} ]
        }
        date {
            match => [ 'timestamp', 'dd/MMM/yyyy:HH:mm:ss Z' ]
        }
    geoip {
        source => 'client_ip'
    }
    }
will above filter ok?
thanks.

Re: haproxy

Posted: Tue Aug 08, 2017 11:26 am
by cdienger
I would try the following slight variation instead:

Code: Select all

if [program] == 'haproxy' {
        grok {
            match => [ 'message', '%{HAPROXYTCP}' ]
        }
        date {
            match => [ 'timestamp', 'dd/MMM/yyyy:HH:mm:ss Z' ]
        }
    geoip {
        source => 'client_ip'
    }
    }
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited