geoip

概述 logstash 之所以强大和流行，与其丰富的过滤器插件是分不开的 过滤器提供的并不单单是过滤的功能，还可以对进入过滤器的原始数据进行复杂的逻辑处理，甚至添加独特的新事件到后续流程中 强大的文本解析工具 -- Grok grok 是一个十分强大的 logstash filter 插件，他可以解析任何格式的文本，他是目前 logstash 中解析非结构化日志数据最好的方式 基本用法 Grok 的语法规则是： %{语法 : 语义} “语法”指的就是匹配的模式，例如使用 NUMBER 模式可以匹配出数字，IP 则会匹配出 127.0.0.1 这样的 IP 地址： %{NUMBER:lasttime}%{IP:client} 默认情况下，所有“语义”都被保存成字符串，你也可以添加转换到的数据类型 %{NUMBER:lasttime:int}%{IP:client} 目前转换类型只支持 int 和 float 覆盖 -- overwrite 使用 Grok 的 overwrite 参数也可以覆盖日志中的信息 filter { grok { match => { "message" => "%{SYSLOGBASE} %{DATA:message}" } overwrite => [ "message" ] } } 日志中的 message 字段将会被覆盖 示例 对于下面的log

Possible Duplicate: How to get the page visitors Country with PHP? I've been searching everywhere, and I can't seem to find anything. I need a free PHP GeoIP/Ip to country. All I can find is that it gives me the country and small form of the country. I also would like to have information of possible street or coords, city, and maybe host information? I need this because I am creating a PHP CMS (for myself and clients) and I want to track ips. I don't really want an API, I want it like a database. Any ideas ? MaxMind GeoLite database: http://dev.maxmind.com/geoip/geolite OR pay for the full

We are using aws elastic beanstalk for our PHP application on EC2 instance. Since we opted for load balancing, it keeps changing the instance time and again. I am wondering if we install a PHP plugin, will it be affected by change of instance or it will be available in new instance as well? Asking this question because we have observed everytime instance is changed by elastic beanstalk, our application is redeployed. We need to install Geoip plugin. How to install it without affecting it on instance change ? If you keep the env settings saved, you will always have the same EC2 settings when

一、设置NGINX日志格式 [root@zabbix_server ~]# vim /etc/nginx/nginx.conf log_format access_json_log '{"@timestamp":"$time_local",' '"http_host":"$http_host",' '"clinetip":"$remote_addr",' '"request":"$request",' '"status":"$status",' '"size":"$body_bytes_sent",' '"upstream_addr":"$upstream_addr",' '"upstream_status":"$upstream_status",' '"upstream_response_time":"$upstream_response_time",' '"request_time":"$request_time",' '"http_referer":"$http_referer",' '"http_user_agent":"$http_user_agent",' '"http_x_forwarded_for":"$http_x_forwarded_for"}'; access_log /var/log/nginx/access.log access_json_log; 二

How to convert MaxMinds MMDB GeoIP to DAT format so that I can use with modsecurity+Apache. Modsecurity supports only DAT format. As of February 2019, the following Python script is the best option for converting GeoIP2 MMDB format to legacy .dat format: https://github.com/sherpya/geolite2legacy Using this script, somebody has done the conversion and made the resulting .dat files available for download: https://www.miyuru.lk/geoiplegacy The Legacy GeoIP builds (.dat) are not going away in the near future. If they do ever go away, you could build off of the .dat build program that Debian uses

docker之Dockerfile指令介绍 Docker通过对于在Dockerfile中的一系列指令的顺序解析实现自动的image的构建 　　通过使用build命令，根据Dockerfiel的描述来构建镜像 　　通过源代码路径的方式 　　通过标准输入流的方式 通过源代码路径 　　Dockerfile需要放置在项目的根目录位置 　　在构建的时候，Dockerfile client会把整个context打包发送到Docker Server端，然后由server端负责build镜像，在构建成功后，会删除context目录 　　docker build -t {镜像名字} {项目路径可以是相对路径} 　　docker利用Dockerfile来构建新镜像之前，先来了解一下Dockerfile创建中使用到的指令 通过标准输入流： 　　通过标准输入流的方式获取Dockerfile的内容 　　client不会打包上传context目录，因此对于一些ADD、COPY等涉及host本地文件复制的操作不能够支持 　　docker build -t {镜像名字} - < Dockerfile路径 build cache： 　　Dockerfile中的每一个指令执行完毕后，都会提交为一个image，这样保证了指令之间不会有影响 　　Dockerfile会尽可能尝试重用之前已经构建的镜像