7,164
edits
Logstash cheat sheet: Difference between revisions
→geoip, user-agent
| Line 344: | Line 344: | ||
https://github.com/ua-parser/uap-core/blob/master/regexes.yaml | https://github.com/ua-parser/uap-core/blob/master/regexes.yaml | ||
https://raw.githubusercontent.com/ua-parser/uap-core/master/regexes.yaml | https://raw.githubusercontent.com/ua-parser/uap-core/master/regexes.yaml | ||
geoip 更新処理 | |||
<syntaxhighlight lang="bash" enclose="div"> | |||
wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz | |||
wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz | |||
wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-ASN.tar.gz | |||
rm *.old | |||
mv GeoLite2-City.mmdb GeoLite2-City.mmdb.old | |||
mv GeoLite2-Country.mmdb GeoLite2-Country.mmdb.old | |||
mv GeoLite2-ASN.mmdb GeoLite2-ASN.mmdb.old | |||
gunzip GeoLite2-City.mmdb.gz | |||
gunzip GeoLite2-Country.mmdb.gz | |||
tar xfz GeoLite2-ASN.tar.gz --strip=1 --wildcards */GeoLite2-ASN.mmdb | |||
rm GeoLite2-ASN.tar.gz | |||
</syntaxhighlight> | |||
== enable high precision timestamps == | == enable high precision timestamps == | ||