etc/logstash_cambria_template.conf - onap/dmaap/messagerouter/msgrtr - Gitiles

 input {
         file {
                 path => "${CAMBRIA_SERVER_LOG}"
                 codec => multiline {
                         pattern => "^\[%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND}\]"
                         negate => "true"
                         what => "previous"
                 }
                 sincedb_path => "/opt/app/logstash/conf_stage/.sincedb_cambria"
                 start_position => "beginning"
                 type => "cambria"
         }
 }

 filter {
 	if [type] == "cambria" {
 	        grok {
 	                match => ["message", "\[(?<date>%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND})\]\[%{DATA:logLevel}\]\[%{DATA:thread}\]\[%{DATA:class}\]\[%{DATA:id}\]%{GREEDYDATA:message}"]
 	        }

 	        date {
 	                match => ["date", "YYYY-MMM-DD HH:mm:ss,SSS"]
 	        }
 	}
 }

 output {
 	if [type] == "cambria" {
             elasticsearch {
                     cluster => "2020SA"
                     host => "${ELASTICSEARCH_NODES}"
                     index => "cambria-%{+YYYY.MM.dd}"
             }
     }
 }
	input {
	file {
	path => "${CAMBRIA_SERVER_LOG}"
	codec => multiline {
	pattern => "^\[%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND}\]"
	negate => "true"
	what => "previous"
	}
	sincedb_path => "/opt/app/logstash/conf_stage/.sincedb_cambria"
	start_position => "beginning"
	type => "cambria"
	}
	}

	filter {
	if [type] == "cambria" {
	grok {
	match => ["message", "\[(?<date>%{YEAR}-%{MONTH}-%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND})\]\[%{DATA:logLevel}\]\[%{DATA:thread}\]\[%{DATA:class}\]\[%{DATA:id}\]%{GREEDYDATA:message}"]
	}

	date {
	match => ["date", "YYYY-MMM-DD HH:mm:ss,SSS"]
	}
	}
	}

	output {
	if [type] == "cambria" {
	elasticsearch {
	cluster => "2020SA"
	host => "${ELASTICSEARCH_NODES}"
	index => "cambria-%{+YYYY.MM.dd}"
	}
	}
	}