Skip to content

Instantly share code, notes, and snippets.

@liemle3893
Last active April 28, 2020 02:55
Show Gist options
  • Save liemle3893/e29f26cee7558a04a00b27622ecfef7e to your computer and use it in GitHub Desktop.
Save liemle3893/e29f26cee7558a04a00b27622ecfef7e to your computer and use it in GitHub Desktop.
[SERVICE]
Flush 1
Log_Level info
Parsers_File parsers.conf
[INPUT]
NAME dummy
Dummy {"log":"{\"ClientAddr\":\"10.30.83.2:51764\",\"ClientHost\":\"10.30.83.2\",\"ClientPort\":\"51764\",\"ClientUsername\":\"-\",\"DownstreamContentSize\":2,\"DownstreamStatus\":200,\"Duration\":271946,\"OriginContentSize\":2,\"OriginDuration\":44897,\"OriginStatus\":200,\"Overhead\":227049,\"RequestAddr\":\"10.30.83.2:38931\",\"RequestContentSize\":0,\"RequestCount\":76,\"RequestHost\":\"10.30.83.2\",\"RequestMethod\":\"GET\",\"RequestPath\":\"/ping\",\"RequestPort\":\"38931\",\"RequestProtocol\":\"HTTP/1.1\",\"RequestScheme\":\"http\",\"RetryAttempts\":0,\"RouterName\":\"ping@internal\",\"StartLocal\":\"2020-04-16T17:54:28.235942534+07:00\",\"StartUTC\":\"2020-04-16T10:54:28.235942534Z\",\"entryPointName\":\"traefik\",\"level\":\"info\",\"msg\":\"\",\"time\":\"2020-04-16T17:54:28+07:00\"}\n","stream":"stdout","attrs":{"NOMAD_ALLOC_ID":"458b35bb-e8d0-5584-e1bb-e86277cc06e7","NOMAD_DC":"QTSC","NOMAD_GROUP_NAME":"traefik","NOMAD_JOB_NAME":"ingress","NOMAD_NAMESPACE":"default","NOMAD_TASK_NAME":"traefik"},"time":"2020-04-16T10:54:28.236573284Z"}
Tag docker
Parser docker
[FILTER]
Name modify
Match docker
Rename stream __stream__
Rename time __time__
Rename attrs __attrs__
[FILTER]
Name nest
Match docker
Operation lift
Nested_under log
[FILTER]
Name modify
Match docker
Rename __time__ time
[FILTER]
Name modify
Match docker
Rename time @timestamp
# Traefik/HTTP endpoint specific. Exclude Request about ping/health check
[FILTER]
Name grep
Match docker
Exclude RequestPath /(ping|metrics|health(z?))
# Rewrite logs tagged with docker to Nomad
[FILTER]
Name nest
Operation lift
Match *
Nested_under __attrs__
Add_prefix __attrs__
[FILTER]
Name rewrite_tag
Match docker
Rule $__attrs__NOMAD_ALLOC_ID ^(.*)$ nomad false
Emitter_Name nomad_reemitted
Emitter_Storage.type memory
[FILTER]
Name nest
Match nomad
Operation nest
Wildcard __attrs__*
Remove_prefix __attrs__
Nest_under __attrs__
[OUTPUT]
Name stdout
Match *
[PARSER]
Name docker
Format json
Time_Key time
Time_Format %Y-%m-%dT%H:%M:%S.%L
Time_Keep On
# Command | Decoder | Field | Optional Action
# =============|==================|=================
Decode_Field_As escaped_utf8 log do_next
Decode_Field_As json log
[PARSER]
Name dummy_test
Format regex
Regex ^(?<__attrs__NOMAD_DC>[^ ]+)/(?<__attrs__NOMAD_REGION>[^ ]+)/(?<__attrs__NOMAD_NAMESPACE>[^ ]+)/(?<__attrs__NOMAD_JOB_NAME>[^ ]+)/(?<__attrs__NOMAD_GROUP_NAME>[^ ]+)/(?<__attrs__NOMAD_TASK_NAME>[^ ]+)/(?<__attrs__NOMAD_ALLOC_ID>[^ ]+)/(?<__attrs__IP>.+)$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment