Configuration
Copy and paste to fluent.conf or td-agent.conf
<source>
type tail
path /var/log/foo/bar.log
pos_file /var/log/td-agent/foo-bar.log.pos
tag foo.bar
format /(?<time>\[(?<time>[^\]\[]+)])\s+(?<Thread>\S+)\s+(?<Level>\S+)\s+(?<EventId>\S+)\s+(?<Message>[^ ].*$)/
time_format %Y-%m-%d %H:%M:%S
</source>
type tail
path /var/log/foo/bar.log
pos_file /var/log/td-agent/foo-bar.log.pos
tag foo.bar
format /(?<time>\[(?<time>[^\]\[]+)])\s+(?<Thread>\S+)\s+(?<Level>\S+)\s+(?<EventId>\S+)\s+(?<Message>[^ ].*$)/
time_format %Y-%m-%d %H:%M:%S
</source>
Data Inspector
Attributes
| Key | Value |
|---|---|
| time | 2018/04/11 08:44:30 +0000 |
Records
| Key | Value |
|---|---|
| Thread | Thread=[20] |
| Level | Level=[INFO] |
| EventId | EventId=[2] |
| Message | Message=[Request finished in 1.1825ms 200 text/plain; charset=utf-8] |