diff --git a/build-image/logstash/log-alert.sh b/build-image/logstash/log-alert.sh
index 384a999..cfd1c21 100755
--- a/build-image/logstash/log-alert.sh
+++ b/build-image/logstash/log-alert.sh
@@ -1,17 +1,17 @@
 #!/bin/bash
 # @timestamp serviceName env level message
-if (($#!=5));then
- echo "./log-alert.sh %{@timestamp} %{serviceName} %{env} %{level} %{message}"
+if (($#!=6));then
+ echo "./log-alert.sh %{@timestamp} %{serviceName} %{env} %{level} %{message} %{stack_trace}"
 exit 1
 fi
-if [[ -z $1 || -z $2 || -z $3 || -z $4 || -z $5 ]];then
+if [[ -z $1 || -z $2 || -z $3 || -z $4 || -z $5 || -z $6 ]];then
 echo "one of '%{@timestamp} %{serviceName} %{env} %{level} %{message}' is empty"
 exit 1
 fi
-msg="timestamp: $1\nserviceName: $2\nenv: $3\nlevel: $4\nmessage: $5\n"
+msg="timestamp: $1\nserviceName: $2\nenv: $3\nlevel: $4\nmessage: $5\nstack_trace: $6\n"
 #echo -ne $msg
 curl -X POST -H "Content-Type: application/json" -d "{\"msg_type\":\"text\",\"content\":{\"text\":\"$msg\"}}" https://open.feishu.cn/open-apis/bot/v2/hook/29dd52e5-70d5-44b0-a443-22ea85382646
\ No newline at end of file
diff --git a/dev-upgrade/elastic/logstash-alert.yaml b/dev-upgrade/elastic/logstash-alert.yaml
index 453f310..ddc8804 100644
--- a/dev-upgrade/elastic/logstash-alert.yaml
+++ b/dev-upgrade/elastic/logstash-alert.yaml
@@ -35,6 +35,13 @@ data:
 if [message] =~ "Fail to parse JWT due to: Jwt expired at" {
 drop {}
 }
+ if [message] =~ "Unauthorized access" {
+ drop {}
+ }
+ if [message] =~ "exchange refresh token" {
+ drop {}
+ }
+
 mutate {
 split => { "[log][file][path]" => "/" }
 add_field => { "env" => "%{[log][file][path][3]}" }
@@ -51,7 +58,7 @@ data:
 # codec => "json_lines"
 # }
 exec {
- command => "/usr/local/bin/log-alert.sh '%{@timestamp}' '%{serviceName}' '%{env}' '%{level}' '%{message}'"
+ command => "/usr/local/bin/log-alert.sh '%{@timestamp}' '%{serviceName}' '%{env}' '%{level}' '%{message}' '%{stack_trace}'"
 }
 }
 logstash.yml: |-
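Review bot: In build-image/logstash/log-alert.sh the new `$6` (stack_trace) is spliced into the JSON body through `$msg` without any encoding, so the double quotes, backslashes, tabs and line breaks that stack traces normally contain will either make the body invalid JSON or let log content rewrite the payload. The message and stack trace are log data and may carry user-supplied text, so the body should come from a JSON encoder rather than string interpolation. The sketch below assumes `jq` is available in the image and reads the webhook from a placeholder variable, which also takes the hook URL on the curl line out of the repository. If stack_trace can be present but empty, the added `-z $6` test exits 1 and the alert is lost, and the error text on that check still lists only five fields.

```shell
# … unchanged: argument count and emptiness checks …
text=$(printf 'timestamp: %s\nserviceName: %s\nenv: %s\nlevel: %s\nmessage: %s\nstack_trace: %s' \
  "$1" "$2" "$3" "$4" "$5" "$6")
# ALERT_WEBHOOK_URL is a placeholder name; inject it from a secret at runtime.
jq -n --arg text "$text" '{msg_type: "text", content: {text: $text}}' \
  | curl -X POST -H "Content-Type: application/json" --data-binary @- \
      "${ALERT_WEBHOOK_URL:?}"
```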
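Review bot: The two added `drop {}` rules in the first hunk of dev-upgrade/elastic/logstash-alert.yaml match an unanchored substring of `[message]` with no condition on service, env or level, so any event whose text contains "Unauthorized access" or "exchange refresh token" never reaches the alert output. Message text is often partly attacker-influenced, and a burst of unauthorized-access events is itself a signal worth seeing, so a blanket drop can hide both real failures and probing. Consider scoping each rule to the emitting service, e.g. `if [serviceName] == "<service>" and [message] =~ "Unauthorized access" {`, or rate-limiting these events instead of discarding them. The enclosing filter block starts above the hunk, so whether `serviceName` is already populated at this point needs to be confirmed.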
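Review bot: The changed `command` line in the second hunk of dev-upgrade/elastic/logstash-alert.yaml adds `'%{stack_trace}'` to a shell command string, and single quotes around an interpolated field do not contain it. A value with a `'` in it ends the quoting, and stack traces and exception messages contain apostrophes routinely. Since `message` and `stack_trace` are log content that can include user-supplied text, this is a command-injection path on the Logstash host as well as a source of broken alerts. Sending the event without a shell avoids both; the sketch below uses the http output with a JSON mapping (assuming that plugin is present in the image) and a placeholder variable for the webhook URL. The surrounding output block opens above the hunk.

```yaml
      # … unchanged: commented-out codec lines …
      http {
        # ALERT_WEBHOOK_URL is a placeholder name; supply it from a Secret
        url => "${ALERT_WEBHOOK_URL}"
        http_method => "post"
        format => "json"
        mapping => {
          "msg_type" => "text"
          "content" => {
            "text" => "timestamp: %{@timestamp} | serviceName: %{serviceName} | env: %{env} | level: %{level} | message: %{message} | stack_trace: %{stack_trace}"
          }
        }
      }
```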