Configuration
Copy and paste to fluent.conf or td-agent.conf
<source>
type tail
path /var/log/foo/bar.log
pos_file /var/log/td-agent/foo-bar.log.pos
tag foo.bar
format /^(?<pid>[^ ]*) (?<time>[^ ]*) (?<host>[^ ]*) (?<ident>[a-zA-Z0-9_\/\.\-]*) (?:\[(?<pid>[0-9]+)\])?(?:[^\:]*\:)? *(?<message>.*)$/
time_format %Y-%m-%dT%H:%M:%S%z
</source>
type tail
path /var/log/foo/bar.log
pos_file /var/log/td-agent/foo-bar.log.pos
tag foo.bar
format /^(?<pid>[^ ]*) (?<time>[^ ]*) (?<host>[^ ]*) (?<ident>[a-zA-Z0-9_\/\.\-]*) (?:\[(?<pid>[0-9]+)\])?(?:[^\:]*\:)? *(?<message>.*)$/
time_format %Y-%m-%dT%H:%M:%S%z
</source>
Data Inspector
Attributes
| Key | Value |
|---|---|
| time | 2016/06/02 12:40:38 +0000 |
Records
| Key | Value |
|---|---|
| pid | <167>1 |
| host | bdragon.lab.local |
| ident | Vpxa |
| message | :ProcessUpdate] Applying updates from 6463 to 6464 (at 6463) |