Справочник по Logstash — 3. Фильтрация и клонирование для архива

input {
  beats {
    port => 5044
  }
}

filter {
  if [log][level] == "error" {
    clone {
      clones => ["archive"]
      add_tag => ["archived_error"]
    }
  }
}

output {
  if "archived_error" in [tags] {
    file {
      path => "/var/log/errors-archive/%{+YYYY-MM-dd}.log"
      codec => json_lines
    }
  }

  elasticsearch {
    hosts => ["http://es:9200"]
    index => "logs-%{[@metadata][beat]}-%{+YYYY.MM.dd}"
  }
}

input {
  beats {
    port => 5044
  }
}

filter {
  if [log][level] == "error" {
    clone {
      clones => ["archive"]
      add_tag => ["archived_error"]
    }
  }
}

output {
  if "archived_error" in [tags] {
    file {
      path => "/var/log/errors-archive/%{+YYYY-MM-dd}.log"
      codec => json_lines
    }
  }

  elasticsearch {
    hosts => ["http://es:9200"]
    index => "logs-%{[@metadata][beat]}-%{+YYYY.MM.dd}"
  }
}

Встраивание в Docusaurus

В MDX статьи it-knowledge-base — компонент ExternalCodeEmbed:

<ExternalCodeEmbed
  example="ruby/infra-security-8-8-04-devops-ci-cd-3119-003"
  title="Справочник по Logstash — 3. Фильтрация и клонирование для архива"
/>