Fluentular

a Fluentd regular expression editor

Configuration

Copy and paste to fluent.conf or td-agent.conf

<source>
  type tail
  path /var/log/foo/bar.log
  pos_file /var/log/td-agent/foo-bar.log.pos
  tag foo.bar
  format /^(?<time>\w{3}\s{1,2}\d{1,2}\s\d{2}:\d{2}:\d{2}) (?<host>(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/
  time_format %b %e %T
</source>

Data Inspector

Attributes

Key Value
time 2023/07/01 01:06:56 +0000

Records

Key Value
host 192.168.12.1