- boundary
- csv
- circonus
- cloudwatch
- datadog
- datadog_metrics
- elasticsearch
- exec
- file
- graphtastic
- ganglia
- graphite
- google_bigquery
- google_cloud_storage
- gelf
- http
- hipchat
- irc
- influxdb
- jira
- juggernaut
- kafka
- loggly
- librato
- lumberjack
- mongodb
- metriccatcher
- nagios
- nagios_nsca
- null
- opentsdb
- pagerduty
- pipe
- rackspace
- riak
- riemann
- redis
- redmine
- rabbitmq
- solr_http
- sns
- syslog
- stomp
- statsd
- stdout
- sqs
- s3
- tcp
- udp
- websocket
- xmpp
- zabbix
- zeromq
The zabbix output is used for sending item data to zabbix via the zabbix_sender executable.
For this output to work, your event must have the following fields:
- "zabbix_host" (the host configured in Zabbix)
- "zabbix_item" (the item key on the host in Zabbix)
- "send_field" (the field name that is sending to Zabbix)
In Zabbix, create your host with the same name (no spaces in the name of
the host supported) and create your item with the specified key as a
Zabbix Trapper item. Also you need to set field that will be send to zabbix
as item.value, otherwise @message will be sent.
The easiest way to use this output is with the grep filter. Presumably, you only want certain events matching a given pattern to send events to zabbix, so use grep or grok to match and also to add the required fields.
filter {
grep {
type => "linux-syslog"
match => [ "@message", "(error|ERROR|CRITICAL)" ]
add_tag => [ "zabbix-sender" ]
add_field => [
"zabbix_host", "%{source_host}",
"zabbix_item", "item.key"
"send_field", "field_name"
]
}
grok {
match => [ "message", "%{SYSLOGBASE} %{DATA:data}" ]
add_tag => [ "zabbix-sender" ]
add_field => [
"zabbix_host", "%{source_host}",
"zabbix_item", "item.key",
"send_field", "data"
]
}
}output {
zabbix {
# only process events with this tag
tags => "zabbix-sender"# specify the hostname or ip of your zabbix server # (defaults to localhost) host => "localhost"
# specify the port to connect to (default 10051) port => "10051"
# specify the path to zabbix_sender
# (defaults to "/usr/local/bin/zabbix_sender")
zabbix_sender => "/usr/local/bin/zabbix_sender"
}
}
This plugin supports the following configuration options:
Required configuration options:
zabbix {
}Available configuration options:
- Value type is codec
-
Default value is
"plain"
The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output, without needing a separate filter in your Logstash pipeline.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events without any of these tags. Note this check is additional to type and tags.
- Value type is string
-
Default value is
"localhost"
- Value type is number
-
Default value is
10051
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events with all of these tags. Note that if you specify a type, the event must also match that type. Optional.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is string
-
Default value is
""
The type to act on. If a type is given, then this output will only
act on messages with the same type. See any input plugin’s type
attribute for more.
Optional.
- Value type is number
-
Default value is
1
The number of workers to use for this output. Note that this setting may not be useful for all outputs.
- Value type is path
-
Default value is
"/usr/local/bin/zabbix_sender"