Tips about fluentd(td-agent2)

2017-08-28 14:22:54来源:oschina作者:ShaoMing人点击

分享

Remove a key with fluentd

http://docs.fluentd.org/articles/filter_record_transformer#removekeys-optional-string-typeParsing nested JSON

https://github.com/edsiper/fluent-plugin-docker

@type parser
key_name log
format json
reserve_data true


@type parser
key_name message
format json
reserve_data true
Using record's create timestampas the time of message pack.


type tail
tag app.log.event
path /var/log/app/event.log
pos_file /var/tmp/app.log.event.pos
format json
time_key created_at
Using record's createtimestamp as the @time for ElasticSearch.

type record_reformer
enable_ruby true
tag api.access.timestamp

@timestamp ${time.strftime('%Y-%m-%dT%H:%M:%S%z')}



removing space from the value of time for the timestamp format of ElasticSearch.

Other usefull blogs:

http://qiita.com/harukasan/items/0e69f5c17f12db7b2e98
http://qiita.com/kiyoto/items/9903718147adde4d6c32

最新文章

123

最新摄影

微信扫一扫

第七城市微信公众平台