zhouyl
/
jw-deploy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
jw项目windows环境软件安装
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
741 MiB
Tree: 1470ae0d16
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1470ae0d16'
${ noResults }
jw-deploy/elasticsearch/config/log4j2.properties

280 lines
19 KiB
Raw Normal View History

first commit
1 year ago
  1. status = error
  3. appender.console.type = Console
  4. appender.console.name = console
  5. appender.console.layout.type = PatternLayout
  6. appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
  8. ######## Server JSON ############################
  9. appender.rolling.type = RollingFile
  10. appender.rolling.name = rolling
  11. appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_server.json
  12. appender.rolling.layout.type = ESJsonLayout
  13. appender.rolling.layout.type_name = server
  15. appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.json.gz
  16. appender.rolling.policies.type = Policies
  17. appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
  18. appender.rolling.policies.time.interval = 1
  19. appender.rolling.policies.time.modulate = true
  20. appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
  21. appender.rolling.policies.size.size = 128MB
  22. appender.rolling.strategy.type = DefaultRolloverStrategy
  23. appender.rolling.strategy.fileIndex = nomax
  24. appender.rolling.strategy.action.type = Delete
  25. appender.rolling.strategy.action.basepath = ${sys:es.logs.base_path}
  26. appender.rolling.strategy.action.condition.type = IfFileName
  27. appender.rolling.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-*
  28. appender.rolling.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize
  29. appender.rolling.strategy.action.condition.nested_condition.exceeds = 2GB
  30. ################################################
  31. ######## Server - old style pattern ###########
  32. appender.rolling_old.type = RollingFile
  33. appender.rolling_old.name = rolling_old
  34. appender.rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log
  35. appender.rolling_old.layout.type = PatternLayout
  36. appender.rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
  38. appender.rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.log.gz
  39. appender.rolling_old.policies.type = Policies
  40. appender.rolling_old.policies.time.type = TimeBasedTriggeringPolicy
  41. appender.rolling_old.policies.time.interval = 1
  42. appender.rolling_old.policies.time.modulate = true
  43. appender.rolling_old.policies.size.type = SizeBasedTriggeringPolicy
  44. appender.rolling_old.policies.size.size = 128MB
  45. appender.rolling_old.strategy.type = DefaultRolloverStrategy
  46. appender.rolling_old.strategy.fileIndex = nomax
  47. appender.rolling_old.strategy.action.type = Delete
  48. appender.rolling_old.strategy.action.basepath = ${sys:es.logs.base_path}
  49. appender.rolling_old.strategy.action.condition.type = IfFileName
  50. appender.rolling_old.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-*
  51. appender.rolling_old.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize
  52. appender.rolling_old.strategy.action.condition.nested_condition.exceeds = 2GB
  53. ################################################
  55. rootLogger.level = info
  56. rootLogger.appenderRef.console.ref = console
  57. rootLogger.appenderRef.rolling.ref = rolling
  58. rootLogger.appenderRef.rolling_old.ref = rolling_old
  60. ######## Deprecation JSON #######################
  61. appender.deprecation_rolling.type = RollingFile
  62. appender.deprecation_rolling.name = deprecation_rolling
  63. appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.json
  64. appender.deprecation_rolling.layout.type = ESJsonLayout
  65. appender.deprecation_rolling.layout.type_name = deprecation.elasticsearch
  66. appender.deprecation_rolling.layout.esmessagefields=x-opaque-id
  67. appender.deprecation_rolling.filter.rate_limit.type = RateLimitingFilter
  69. appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.json.gz
  70. appender.deprecation_rolling.policies.type = Policies
  71. appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy
  72. appender.deprecation_rolling.policies.size.size = 1GB
  73. appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy
  74. appender.deprecation_rolling.strategy.max = 4
  76. appender.header_warning.type = HeaderWarningAppender
  77. appender.header_warning.name = header_warning
  78. #################################################
  79. ######## Deprecation - old style pattern #######
  80. appender.deprecation_rolling_old.type = RollingFile
  81. appender.deprecation_rolling_old.name = deprecation_rolling_old
  82. appender.deprecation_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log
  83. appender.deprecation_rolling_old.layout.type = PatternLayout
  84. appender.deprecation_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
  85. appender.deprecation_rolling_old.filter.rate_limit.type = RateLimitingFilter
  87. appender.deprecation_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  88. _deprecation-%i.log.gz
  89. appender.deprecation_rolling_old.policies.type = Policies
  90. appender.deprecation_rolling_old.policies.size.type = SizeBasedTriggeringPolicy
  91. appender.deprecation_rolling_old.policies.size.size = 1GB
  92. appender.deprecation_rolling_old.strategy.type = DefaultRolloverStrategy
  93. appender.deprecation_rolling_old.strategy.max = 4
  94. #################################################
  95. logger.deprecation.name = org.elasticsearch.deprecation
  96. logger.deprecation.level = deprecation
  97. logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling
  98. logger.deprecation.appenderRef.deprecation_rolling_old.ref = deprecation_rolling_old
  99. logger.deprecation.appenderRef.header_warning.ref = header_warning
  100. logger.deprecation.additivity = false
  102. ######## Search slowlog JSON ####################
  103. appender.index_search_slowlog_rolling.type = RollingFile
  104. appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling
  105. appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\
  106. .cluster_name}_index_search_slowlog.json
  107. appender.index_search_slowlog_rolling.layout.type = ESJsonLayout
  108. appender.index_search_slowlog_rolling.layout.type_name = index_search_slowlog
  109. appender.index_search_slowlog_rolling.layout.esmessagefields=message,took,took_millis,total_hits,types,stats,search_type,total_shards,source,id
  111. appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\
  112. .cluster_name}_index_search_slowlog-%i.json.gz
  113. appender.index_search_slowlog_rolling.policies.type = Policies
  114. appender.index_search_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy
  115. appender.index_search_slowlog_rolling.policies.size.size = 1GB
  116. appender.index_search_slowlog_rolling.strategy.type = DefaultRolloverStrategy
  117. appender.index_search_slowlog_rolling.strategy.max = 4
  118. #################################################
  119. ######## Search slowlog - old style pattern ####
  120. appender.index_search_slowlog_rolling_old.type = RollingFile
  121. appender.index_search_slowlog_rolling_old.name = index_search_slowlog_rolling_old
  122. appender.index_search_slowlog_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  123. _index_search_slowlog.log
  124. appender.index_search_slowlog_rolling_old.layout.type = PatternLayout
  125. appender.index_search_slowlog_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
  127. appender.index_search_slowlog_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  128. _index_search_slowlog-%i.log.gz
  129. appender.index_search_slowlog_rolling_old.policies.type = Policies
  130. appender.index_search_slowlog_rolling_old.policies.size.type = SizeBasedTriggeringPolicy
  131. appender.index_search_slowlog_rolling_old.policies.size.size = 1GB
  132. appender.index_search_slowlog_rolling_old.strategy.type = DefaultRolloverStrategy
  133. appender.index_search_slowlog_rolling_old.strategy.max = 4
  134. #################################################
  135. logger.index_search_slowlog_rolling.name = index.search.slowlog
  136. logger.index_search_slowlog_rolling.level = trace
  137. logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling
  138. logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling_old.ref = index_search_slowlog_rolling_old
  139. logger.index_search_slowlog_rolling.additivity = false
  141. ######## Indexing slowlog JSON ##################
  142. appender.index_indexing_slowlog_rolling.type = RollingFile
  143. appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling
  144. appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  145. _index_indexing_slowlog.json
  146. appender.index_indexing_slowlog_rolling.layout.type = ESJsonLayout
  147. appender.index_indexing_slowlog_rolling.layout.type_name = index_indexing_slowlog
  148. appender.index_indexing_slowlog_rolling.layout.esmessagefields=message,took,took_millis,doc_type,id,routing,source
  150. appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  151. _index_indexing_slowlog-%i.json.gz
  152. appender.index_indexing_slowlog_rolling.policies.type = Policies
  153. appender.index_indexing_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy
  154. appender.index_indexing_slowlog_rolling.policies.size.size = 1GB
  155. appender.index_indexing_slowlog_rolling.strategy.type = DefaultRolloverStrategy
  156. appender.index_indexing_slowlog_rolling.strategy.max = 4
  157. #################################################
  158. ######## Indexing slowlog - old style pattern ##
  159. appender.index_indexing_slowlog_rolling_old.type = RollingFile
  160. appender.index_indexing_slowlog_rolling_old.name = index_indexing_slowlog_rolling_old
  161. appender.index_indexing_slowlog_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  162. _index_indexing_slowlog.log
  163. appender.index_indexing_slowlog_rolling_old.layout.type = PatternLayout
  164. appender.index_indexing_slowlog_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
  166. appender.index_indexing_slowlog_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\
  167. _index_indexing_slowlog-%i.log.gz
  168. appender.index_indexing_slowlog_rolling_old.policies.type = Policies
  169. appender.index_indexing_slowlog_rolling_old.policies.size.type = SizeBasedTriggeringPolicy
  170. appender.index_indexing_slowlog_rolling_old.policies.size.size = 1GB
  171. appender.index_indexing_slowlog_rolling_old.strategy.type = DefaultRolloverStrategy
  172. appender.index_indexing_slowlog_rolling_old.strategy.max = 4
  173. #################################################
  175. logger.index_indexing_slowlog.name = index.indexing.slowlog.index
  176. logger.index_indexing_slowlog.level = trace
  177. logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling
  178. logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling_old.ref = index_indexing_slowlog_rolling_old
  179. logger.index_indexing_slowlog.additivity = false
  182. appender.audit_rolling.type = RollingFile
  183. appender.audit_rolling.name = audit_rolling
  184. appender.audit_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_audit.json
  185. appender.audit_rolling.layout.type = PatternLayout
  186. appender.audit_rolling.layout.pattern = {\
  187. "type":"audit", \
  188. "timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss,SSSZ}"\
  189. %varsNotEmpty{, "node.name":"%enc{%map{node.name}}{JSON}"}\
  190. %varsNotEmpty{, "node.id":"%enc{%map{node.id}}{JSON}"}\
  191. %varsNotEmpty{, "host.name":"%enc{%map{host.name}}{JSON}"}\
  192. %varsNotEmpty{, "host.ip":"%enc{%map{host.ip}}{JSON}"}\
  193. %varsNotEmpty{, "event.type":"%enc{%map{event.type}}{JSON}"}\
  194. %varsNotEmpty{, "event.action":"%enc{%map{event.action}}{JSON}"}\
  195. %varsNotEmpty{, "authentication.type":"%enc{%map{authentication.type}}{JSON}"}\
  196. %varsNotEmpty{, "user.name":"%enc{%map{user.name}}{JSON}"}\
  197. %varsNotEmpty{, "user.run_by.name":"%enc{%map{user.run_by.name}}{JSON}"}\
  198. %varsNotEmpty{, "user.run_as.name":"%enc{%map{user.run_as.name}}{JSON}"}\
  199. %varsNotEmpty{, "user.realm":"%enc{%map{user.realm}}{JSON}"}\
  200. %varsNotEmpty{, "user.run_by.realm":"%enc{%map{user.run_by.realm}}{JSON}"}\
  201. %varsNotEmpty{, "user.run_as.realm":"%enc{%map{user.run_as.realm}}{JSON}"}\
  202. %varsNotEmpty{, "user.roles":%map{user.roles}}\
  203. %varsNotEmpty{, "apikey.id":"%enc{%map{apikey.id}}{JSON}"}\
  204. %varsNotEmpty{, "apikey.name":"%enc{%map{apikey.name}}{JSON}"}\
  205. %varsNotEmpty{, "authentication.token.name":"%enc{%map{authentication.token.name}}{JSON}"}\
  206. %varsNotEmpty{, "authentication.token.type":"%enc{%map{authentication.token.type}}{JSON}"}\
  207. %varsNotEmpty{, "origin.type":"%enc{%map{origin.type}}{JSON}"}\
  208. %varsNotEmpty{, "origin.address":"%enc{%map{origin.address}}{JSON}"}\
  209. %varsNotEmpty{, "realm":"%enc{%map{realm}}{JSON}"}\
  210. %varsNotEmpty{, "url.path":"%enc{%map{url.path}}{JSON}"}\
  211. %varsNotEmpty{, "url.query":"%enc{%map{url.query}}{JSON}"}\
  212. %varsNotEmpty{, "request.method":"%enc{%map{request.method}}{JSON}"}\
  213. %varsNotEmpty{, "request.body":"%enc{%map{request.body}}{JSON}"}\
  214. %varsNotEmpty{, "request.id":"%enc{%map{request.id}}{JSON}"}\
  215. %varsNotEmpty{, "action":"%enc{%map{action}}{JSON}"}\
  216. %varsNotEmpty{, "request.name":"%enc{%map{request.name}}{JSON}"}\
  217. %varsNotEmpty{, "indices":%map{indices}}\
  218. %varsNotEmpty{, "opaque_id":"%enc{%map{opaque_id}}{JSON}"}\
  219. %varsNotEmpty{, "x_forwarded_for":"%enc{%map{x_forwarded_for}}{JSON}"}\
  220. %varsNotEmpty{, "transport.profile":"%enc{%map{transport.profile}}{JSON}"}\
  221. %varsNotEmpty{, "rule":"%enc{%map{rule}}{JSON}"}\
  222. %varsNotEmpty{, "put":%map{put}}\
  223. %varsNotEmpty{, "delete":%map{delete}}\
  224. %varsNotEmpty{, "change":%map{change}}\
  225. %varsNotEmpty{, "create":%map{create}}\
  226. %varsNotEmpty{, "invalidate":%map{invalidate}}\
  227. }%n
  228. # "node.name" node name from the `elasticsearch.yml` settings
  229. # "node.id" node id which should not change between cluster restarts
  230. # "host.name" unresolved hostname of the local node
  231. # "host.ip" the local bound ip (i.e. the ip listening for connections)
  232. # "origin.type" a received REST request is translated into one or more transport requests. This indicates which processing layer generated the event "rest" or "transport" (internal)
  233. # "event.action" the name of the audited event, eg. "authentication_failed", "access_granted", "run_as_granted", etc.
  234. # "authentication.type" one of "realm", "api_key", "token", "anonymous" or "internal"
  235. # "user.name" the subject name as authenticated by a realm
  236. # "user.run_by.name" the original authenticated subject name that is impersonating another one.
  237. # "user.run_as.name" if this "event.action" is of a run_as type, this is the subject name to be impersonated as.
  238. # "user.realm" the name of the realm that authenticated "user.name"
  239. # "user.run_by.realm" the realm name of the impersonating subject ("user.run_by.name")
  240. # "user.run_as.realm" if this "event.action" is of a run_as type, this is the realm name the impersonated user is looked up from
  241. # "user.roles" the roles array of the user; these are the roles that are granting privileges
  242. # "apikey.id" this field is present if and only if the "authentication.type" is "api_key"
  243. # "apikey.name" this field is present if and only if the "authentication.type" is "api_key"
  244. # "authentication.token.name" this field is present if and only if the authenticating credential is a service account token
  245. # "authentication.token.type" this field is present if and only if the authenticating credential is a service account token
  246. # "event.type" informs about what internal system generated the event; possible values are "rest", "transport", "ip_filter" and "security_config_change"
  247. # "origin.address" the remote address and port of the first network hop, i.e. a REST proxy or another cluster node
  248. # "realm" name of a realm that has generated an "authentication_failed" or an "authentication_successful"; the subject is not yet authenticated
  249. # "url.path" the URI component between the port and the query string; it is percent (URL) encoded
  250. # "url.query" the URI component after the path and before the fragment; it is percent (URL) encoded
  251. # "request.method" the method of the HTTP request, i.e. one of GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH, TRACE, CONNECT
  252. # "request.body" the content of the request body entity, JSON escaped
  253. # "request.id" a synthetic identifier for the incoming request, this is unique per incoming request, and consistent across all audit events generated by that request
  254. # "action" an action is the most granular operation that is authorized and this identifies it in a namespaced way (internal)
  255. # "request.name" if the event is in connection to a transport message this is the name of the request class, similar to how rest requests are identified by the url path (internal)
  256. # "indices" the array of indices that the "action" is acting upon
  257. # "opaque_id" opaque value conveyed by the "X-Opaque-Id" request header
  258. # "x_forwarded_for" the addresses from the "X-Forwarded-For" request header, as a verbatim string value (not an array)
  259. # "transport.profile" name of the transport profile in case this is a "connection_granted" or "connection_denied" event
  260. # "rule" name of the applied rule if the "origin.type" is "ip_filter"
  261. # the "put", "delete", "change", "create", "invalidate" fields are only present
  262. # when the "event.type" is "security_config_change" and contain the security config change (as an object) taking effect
  264. appender.audit_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_audit-%d{yyyy-MM-dd}.json
  265. appender.audit_rolling.policies.type = Policies
  266. appender.audit_rolling.policies.time.type = TimeBasedTriggeringPolicy
  267. appender.audit_rolling.policies.time.interval = 1
  268. appender.audit_rolling.policies.time.modulate = true
  270. logger.xpack_security_audit_logfile.name = org.elasticsearch.xpack.security.audit.logfile.LoggingAuditTrail
  271. logger.xpack_security_audit_logfile.level = info
  272. logger.xpack_security_audit_logfile.appenderRef.audit_rolling.ref = audit_rolling
  273. logger.xpack_security_audit_logfile.additivity = false
  275. logger.xmlsig.name = org.apache.xml.security.signature.XMLSignature
  276. logger.xmlsig.level = error
  277. logger.samlxml_decrypt.name = org.opensaml.xmlsec.encryption.support.Decrypter
  278. logger.samlxml_decrypt.level = fatal
  279. logger.saml2_decrypt.name = org.opensaml.saml.saml2.encryption.Decrypter
  280. logger.saml2_decrypt.level = fatal