2021年1月25日 | Leave a comment 问题: 我们的运维配置 EFK 不会配置 filter 来提取日志中的字段 我发现可以直接使用 logback appender 将日志输出到 elasticsearch 测试环境这么搞搞就行了 解决: pom.xml 增加 <dependency> <groupId>com.internetitem</groupId> <artifactId>logback-elasticsearch-appender</artifactId> <version>1.6</version> </dependency> 12345 <dependency> <groupId>com.internetitem</groupId> <artifactId>logback-elasticsearch-appender</artifactId> <version>1.6</version> </dependency> logback-spring.xml <configuration debug="true"> <springProperty scope="context" name="springAppName" source="spring.application.name"/> <!--默认配置--> <include resource="org/springframework/boot/logging/logback/defaults.xml"/> <!--配置控制台(Console)--> <include resource="org/springframework/boot/logging/logback/console-appender.xml"/> <appender name="ELASTIC" class="com.internetitem.logback.elasticsearch.ElasticsearchAppender"> <url>http://10.0.70.110:9200/_bulk</url> <!-- <index>logs-%date{yyyy-MM-dd}</index>--> <index>citysass</index> <!-- <type>tester</type>--> <!-- <loggerName>es-logger</loggerName> <!– optional –>--> <!-- <errorLoggerName>es-error-logger</errorLoggerName> <!– optional –>--> <connectTimeout>30000</connectTimeout> <!-- optional (in ms, default 30000) --> <errorsToStderr>false</errorsToStderr> <!-- optional (default false) --> <includeCallerData>false</includeCallerData> <!-- optional (default false) --> <logsToStderr>false</logsToStderr> <!-- optional (default false) --> <maxQueueSize>104857600</maxQueueSize> <!-- optional (default 104857600) --> <maxRetries>3</maxRetries> <!-- optional (default 3) --> <readTimeout>30000</readTimeout> <!-- optional (in ms, default 30000) --> <sleepTime>250</sleepTime> <!-- optional (in ms, default 250) --> <rawJsonMessage>false</rawJsonMessage> <!-- optional (default false) --> <includeMdc>true</includeMdc> <!-- optional (default false) --> <maxMessageSize>-1</maxMessageSize> <!-- optional (default -1 --> <!-- <authentication class="com.internetitem.logback.elasticsearch.config.BasicAuthentication" /> <!– optional –>--> <properties> <property> <name>appName</name> <value>${springAppName}</value> </property> <property> <name>host</name> <value>HOST</value> <allowEmpty>true</allowEmpty> </property> <property> <name>severity</name> <value>%level</value> </property> <property> <name>thread</name> <value>%thread</value> </property> <property> <name>stacktrace</name> <value>%ex</value> </property> <property> <name>logger</name> <value>%logger</value> </property> </properties> <headers> <header> <name>Content-Type</name> <value>application/json</value> </header> </headers> </appender> <logger name="com.telsafe" level="DEBUG"/> <root level="INFO"> <appender-ref ref="CONSOLE"/> </root> <springProfile name="eslog"> <root level="INFO"> <appender-ref ref="ELASTIC"/> </root> </springProfile> </configuration> 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 <configuration debug="true"> <springProperty scope="context" name="springAppName" source="spring.application.name"/> <!--默认配置--> <include resource="org/springframework/boot/logging/logback/defaults.xml"/> <!--配置控制台(Console)--> <include resource="org/springframework/boot/logging/logback/console-appender.xml"/> <appender name="ELASTIC" class="com.internetitem.logback.elasticsearch.ElasticsearchAppender"> <url>http://10.0.70.110:9200/_bulk</url><!-- <index>logs-%date{yyyy-MM-dd}</index>--> <index>citysass</index><!-- <type>tester</type>--><!-- <loggerName>es-logger</loggerName> <!– optional –>--><!-- <errorLoggerName>es-error-logger</errorLoggerName> <!– optional –>--> <connectTimeout>30000</connectTimeout> <!-- optional (in ms, default 30000) --> <errorsToStderr>false</errorsToStderr> <!-- optional (default false) --> <includeCallerData>false</includeCallerData> <!-- optional (default false) --> <logsToStderr>false</logsToStderr> <!-- optional (default false) --> <maxQueueSize>104857600</maxQueueSize> <!-- optional (default 104857600) --> <maxRetries>3</maxRetries> <!-- optional (default 3) --> <readTimeout>30000</readTimeout> <!-- optional (in ms, default 30000) --> <sleepTime>250</sleepTime> <!-- optional (in ms, default 250) --> <rawJsonMessage>false</rawJsonMessage> <!-- optional (default false) --> <includeMdc>true</includeMdc> <!-- optional (default false) --> <maxMessageSize>-1</maxMessageSize> <!-- optional (default -1 --><!-- <authentication class="com.internetitem.logback.elasticsearch.config.BasicAuthentication" /> <!– optional –>--> <properties> <property> <name>appName</name> <value>${springAppName}</value> </property> <property> <name>host</name> <value>HOST</value> <allowEmpty>true</allowEmpty> </property> <property> <name>severity</name> <value>%level</value> </property> <property> <name>thread</name> <value>%thread</value> </property> <property> <name>stacktrace</name> <value>%ex</value> </property> <property> <name>logger</name> <value>%logger</value> </property> </properties> <headers> <header> <name>Content-Type</name> <value>application/json</value> </header> </headers> </appender> <logger name="com.telsafe" level="DEBUG"/> <root level="INFO"> <appender-ref ref="CONSOLE"/> </root> <springProfile name="eslog"> <root level="INFO"> <appender-ref ref="ELASTIC"/> </root> </springProfile> </configuration> 运行时启用 profiles -Dspring.prifiles.active=default,eslog . eslog 会启用 logback中配置的 appender 参考: https://github.com/internetitem/logback-elasticsearch-appender