Monday, September 26, 2016

Logstash shipper configuration for Apache access log and error log

[root@test patterns]# cat /etc/logstash/shipper.conf
input {
file {
        start_position => beginning
        path => ["/var/log/httpd/access_log"]
        type => "apache-access"
        }
file {
        start_position => beginning
        path => ["/var/log/httpd/error_log"]
        type => "apache-error"
        }
}

filter {
 if [type] == "apache-access" {
  grok {
        match => { "message" => "%{COMBINEDAPACHELOG}" }
        add_tag => [ "vod_origin" ]
        }
}
 if [type] == "apache-error" {

  grok {
        patterns_dir => [ "/etc/logstash/patterns" ]
        match => [ "message", "%{APACHE_ERROR_LOG}" ]
        add_tag => [ "vod_origin" ]
        }
}
 geoip {
        source => "clientip"
        }
}

output {
stdout { }
redis {
        host => "xxx.xxx.xxx.xxx"
        data_type => "list"
        key => "logstash"
        }
}

[root@testpatterns]# cat /etc/logstash/patterns/apache-error
APACHE_ERROR_TIME %{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}
APACHE_ERROR_LOG \[%{APACHE_ERROR_TIME:timestamp}\] \[%{LOGLEVEL:loglevel}\] (?:\[client %{IPORHOST:clientip}\] ){0,1}%{GREEDYDATA:errormsg}

Thursday, September 15, 2016

How to list and delete iptables rules with line numbers

If you are a Linux system administrator, many times you might wanted to list the iptables rules with line numbers and delete any rule with a particular line number. In this post we will see how we can list iptables rules with line numbers and how to delete a rule using line number

Listing iptables rules with line numbers
#iptables --list --line-numbers

Deleting a rule whose number is 3
#iptables -D INPUT 3

Thats it. Try to keep them in mind. They are very useful commands.

Monday, May 25, 2015

setting HTTP Headers in apache httpd.conf

In a lot of cases, we have to set particular http headers for objects. For example to set the caching age, caching control etc. How the http headers can be set? This can be done very easily using the Apache web server configuration file.