Fluentular

a Fluentd regular expression editor

Configuration

Copy and paste to fluent.conf or td-agent.conf

<source>
  type tail
  path /var/log/foo/bar.log
  pos_file /var/log/td-agent/foo-bar.log.pos
  tag foo.bar
  format /^(?<time>\w{3} \d{1,2} \d{1,2}:\d{1,2}:\d{1,2}) (?<message>.*: (?<severity>[^ ]*) .*)$/
  time_format %b %d %H:%M:%S
</source>

Data Inspector

Attributes

Key Value
time 2024/12/21 15:49:47 +0000

Records

Key Value
message root: INFO Running daily pipeline for 20151220...
severity INFO