Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

fluent-plugin-eval-filter

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

fluent-plugin-eval-filter

0.1.0
Rubygems

Version published: 9 years ago

Maintainers: 1

Created: 9 years ago

Source

fluent-plugin-eval-filter, a plugin for Fluentd

Installation

Add this line to your application's Gemfile:

gem 'fluent-plugin-eval-filter'

And then execute:

$ bundle

Or install it yourself as:

$ gem install fluent-plugin-eval-filter

Usage

<match raw.apache.access>
  type eval_filter
  remove_tag_prefix raw
  add_tag_prefix filtered

  config1 @hostname = `hostname -s`.chomp

  filter1 [[tag, @hostname].join('.'), time, record] if record['method'] == 'GET'
</match>

require libraries

<match raw.apache.access>
  type eval_filter
  remove_tag_prefix raw
  add_tag_prefix filtered
  requires yaml # comma separated values

  config1 @hostname = YAML.load({'hostname' => 'web01'})['hostname']

  filter1 [[tag, @hostname].join('.'), time, record] if record['method'] == 'GET'
</match>

Filter Plugin

Note that this filter version does not have rewrite tag functionality. Should return [time, record].

Configuration

filter:

<filter **>
  type eval
  filter1 "[time, record] if record['status'] == '404'"
  filter2 "[time, record] if record['status'] == 'POST'"
</filter>

typecast(string to integer):

<filter **>
  type eval
  filter1 "record['status'] = record['status'].to_i; [time, record]"
</filter>

modify record(add value):

<filter **>
  type eval
  filter1 "record['user_id'] = record['message'].split(':').last.to_i; [time, record]"
</filter>

input

{'status' => '301', 'message' => 'user_id:1'}
{'status' => '302', 'message' => 'user_id:2'}
{'status' => '404', 'message' => 'user_id:3'}
{'status' => '503', 'message' => 'user_id:4'}
{'status' => '401', 'message' => 'user_id:5'}

output

{'status' => '301', 'message' => 'user_id:1', 'user_id' => 1}
{'status' => '302', 'message' => 'user_id:2', 'user_id' => 2}
{'status' => '404', 'message' => 'user_id:3', 'user_id' => 3}
{'status' => '503', 'message' => 'user_id:4', 'user_id' => 4}
{'status' => '401', 'message' => 'user_id:5', 'user_id' => 5}

Limitation

Can not be used expression substitution.

<match raw.apache.access>
  filter1 "#{tag}"
</match>

'#' Is interpreted as the beginning of a comment.

  filter1 #=> "\""

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request

FAQs

What is fluent-plugin-eval-filter?

Is fluent-plugin-eval-filter well maintained?

Package last updated on 26 Mar 2016

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install