The ELK, new machine as fluentd client, fluentd version 1.2.6,/etc/td - agent/td - agent. The conf configuration is as follows:

 
 
@ type tail # # # # tail way to collect log 
The path/data/log/nginx/access/test. The log # # # log path 
The format/^ (?  [^] *) - \ [(? & lt; time_local & gt; [^]] *) \] \ [(? & lt; msec> [^]] *) \] (?  (\ S +)?  "] *) \ [^ \ S * "(?  ((^) *)? <body_bytes_sent & gt; ((^) *) "?  [^ \] *) "" ("? 
Types time_local: string, msec: request_time: an integer, float, upstream_response_time: float, method: string, path: string, status: integer, body_bytes_sent: integer, http_referer: string, clientVersion: string, request_body: string, request_params: string 
The tag test. Server_product_05 
Pos_file/data/log/td - agent/task - access. Enter the pos 
Time_key time 
Time_format unixtime 
 

@ type forward 
Send_timeout 60 s 
Recover_wait 10 s 
Heartbeat_interval 1 s 
Phi_threshold 16 
Hard_timeout 60 s 
 
The name logserver 
The host X.X.X.X 
The port XXXX 
 
 
@ type file 
The path/data/log/td - agent/forward - failed 
 
# secondary host is optional 
# & lt; Secondary> 
# host 192.168.0.12 
# & lt;/secondary> 
 

Pushed to the client request log server log format for
Tag time=(date) (month) (year) when the minutes record request json=
Because the format of the time is not a timestamp, which leads to the log write less than elasticsearch, according to the official documentation configuration time_key time_format doesn't work,

Thanks for your reply,