最新在研究elastic stack (elk)  ：

logstash 安装，下载最新版本的logstash: 点击打开链接

解压到磁盘根目录下：在logstash>bin 

1、目录下创建：logstash.conf

2、输入内容:

 

# Sample Logstash configuration for creating a simple
# Beats -> Logstash -> Elasticsearch pipeline.input {kafka {bootstrap_servers => "localhost:9092"topics => ["test"]group_id => "test"}
}filter { mutate {split => { "message" => " |" }}if [message][0] {mutate {                add_field =>   {"apiname" => "%{[message][0]}"}}}if [message][1] {mutate {                add_field =>   {"current_time" => "%{[message][1]}"}}} if [message][2] {mutate {                add_field =>   {"current_level" => "%{[message][2]}"}}}  	if [message][3] {mutate {                add_field =>   {"traceid" => "%{[message][3]}"}}}}output {elasticsearch {hosts => ["http://localhost:9200"]#index => "local-purchase-order | %{+YYYY-MM-dd}"index => "logstash-%{+YYYY-MM-dd}"#template_name => "logstash"#template_overwrite => true#index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"#user => "elastic"#password => "changeme"}stdout{codec => rubydebug}
}

3、
 

 

ok 了，启动成功