3.15 hekad.toml示例文件

[hekad]
maxprocs=4

#Hekadashboardforinternalmetricsandtimeseriesgraphs
[Dashboard]
type="DashboardOutput"
address=":4352"
ticker_interval=15

#Emailalertingforanomalydetection
[Alert]
type="SmtpOutput"
message_matcher="Type=='heka.sandbox-output'&&Fields[payload_type]=='alert'"
send_from="acme-alert@example.com"
send_to=["admin@example.com"]
auth="Plain"
user="smtp-user"
password="smtp-pass"
host="mail.example.com:25"
encoder="AlertEncoder"

#Userfriendlyformattingofalertmessages
[AlertEncoder]
type="SandboxEncoder"
filename="lua_encoders/alert.lua"

#Nginxaccesslogreader
[AcmeWebserver]
type="LogstreamerInput"
log_directory="/var/log/nginx"
file_match='access\.log'
decoder="CombinedNginxDecoder"

#Nginxaccess'combined'logparser
[CombinedNginxDecoder]
type="SandboxDecoder"
filename="lua_decoders/nginx_access.lua"

[CombinedNginxDecoder.config]
user_agent_transform=true
user_agent_conditional=true
type="combined"
log_format='$remote_addr-$remote_user[$time_local]"$request"$status$body_bytes_sent"$http_referer""$http_user_agent"'

#CollectionandvisualizationoftheHTTPstatuscodes
[AcmeHTTPStatus]
type="SandboxFilter"
filename="lua_filters/http_status.lua"
ticker_interval=60
preserve_data=true
message_matcher="Logger=='AcmeWebserver'"

#rateofchangeanomalydetectiononcolumn1(HTTP200)
[AcmeHTTPStatus.config]
anomaly_config='roc("HTTPStatus",1,15,0,1.5,true,false)'

taxonomy: