HEX

Warning: set_time_limit() [function.set-time-limit]: Cannot set time limit - prohibited by configuration in /home/u547966/brikov.ru/www/wp-content/plugins/admin-menu-editor/menu-editor.php on line 745
Server: Apache
System: Linux 4.19.0-0.bpo.9-amd64 x86_64 at red40
User: u547966 (5490)
PHP: 5.3.29-mh2
Disabled: syslog, dl, popen, proc_open, proc_nice, proc_get_status, proc_close, proc_terminate, posix_mkfifo, chown, chgrp, accelerator_reset, opcache_reset, accelerator_get_status, opcache_get_status, pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority
Upload Files
File: //usr/share/filebeat/module/ibmmq/errorlog/ingest/pipeline.yml
description: Pipeline for parsing MQ error logs.
processors:
- set:
    field: event.ingested
    value: '{{_ingest.timestamp}}'
- gsub:
    field: message
    pattern: ^[\-]{5}[a-z0-9\. :]*[\-]{5,}
    replacement: ""
- gsub:
    field: message
    pattern: |2+

    replacement: ' '
- gsub:
    field: message
    pattern: '[ ]{2,}'
    replacement: ' '
- trim:
    field: message
- set:
    copy_from: '@timestamp'
    field: event.created
- grok:
    field: message
    patterns:
    - ^%{DATA:log_timestamp} -
- grok:
    field: message
    patterns:
    - 'Process\(%{DATA:process.pid}\) User\(%{WORD:user.name}\) Program\(%{DATA:process.title}\)
      Host\(%{DATA:host.hostname}\) Installation\(%{WORD:ibmmq.errorlog.installation}\)
      VRMF\(%{DATA:service.version}\)( QMgr\(%{DATA:ibmmq.errorlog.qmgr}\))?( Time\(%{TIMESTAMP_ISO8601:log_timestamp}\))?(
      RemoteHost\(%{DATA:destination.address}\))?( ArithInsert1\(%{DATA:ibmmq.errorlog.arithinsert1}\))?(
      ArithInsert2\(%{DATA:ibmmq.errorlog.arithinsert2}\))?( CommentInsert1\(%{DATA:ibmmq.errorlog.commentinsert1}\))?(
      CommentInsert2\(%{DATA:ibmmq.errorlog.commentinsert2}\))?( CommentInsert3\(%{DATA:ibmmq.errorlog.commentinsert3}\))?
      (?=AMQ[0-9]{4})%{DATA:ibmmq.errorlog.code}((?<=AMQ[0-9]{4}[A-Z])%{DATA:log.level})?:
      %{DATA:ibmmq.errorlog.errordescription} [^\ ]+:( %{DATA:ibmmq.errorlog.explanation})?
      [^\ ]+:( %{DATA:ibmmq.errorlog.action})?$'
- date:
    field: log_timestamp
    target_field: '@timestamp'
    formats:
    - ISO8601
    - MM/dd/yyyy hh:mm:ss a
    - dd/MM/yyyy HH:mm:ss
    - dd.MM.yyyy HH:mm:ss
    ignore_failure: true
- append:
    field: ibmmq.errorlog.commentinsert
    value:
    - '{{ibmmq.errorlog.commentinsert1}}'
    - '{{ibmmq.errorlog.commentinsert2}}'
    - '{{ibmmq.errorlog.commentinsert3}}'
    ignore_failure: true
- append:
    field: ibmmq.errorlog.arithinsert
    value:
    - '{{ibmmq.errorlog.arithinsert1}}'
    - '{{ibmmq.errorlog.arithinsert2}}'
    ignore_failure: true
- remove:
    field:
    - log_timestamp
    - message
    - ibmmq.errorlog.arithinsert1
    - ibmmq.errorlog.arithinsert2
    - ibmmq.errorlog.commentinsert1
    - ibmmq.errorlog.commentinsert2
    - ibmmq.errorlog.commentinsert3
    ignore_missing: true
- rename:
    field: ibmmq.errorlog.errordescription
    target_field: message
- set:
    field: event.kind
    value: event
on_failure:
- set:
    field: error.message
    value: 'pipeline-entry: {{ _ingest.on_failure_message }}'