alpine-overlay/kubezero/fluent-bit/zdt-parsers.conf

23 lines
766 B
Plaintext

[PARSER]
Name syslog-ng-json
Format json
Time_Key time
Time_Format %s.%L
# SQUID access.logs
# "%9d.%03d %6d %s %s/%03d %d %s %s %s %s%s/%s %s"
[PARSER]
Name squid-access
Format regex
Regex /^(?<time>\d+\.\d{1,3})\s+\d+\s(?<host>[^ ]*)\s(?<cache>\w+)\/(?<code>\d+)\s(?<size>\d+)\s(?<method>\S+)\s(?<request_url>[^ ]*)\s(?<user>\S+)\s(?<hierachy_code>\S+)\/(?<forward_host>[^ ]*)\s(?<content_type>\S+)$/
Time_Key time
Time_Format %s.%L
# Laravel logs
[PARSER]
Name laravel
Format regex
Regex /^\[(?<time>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\]\s(?<ident>[a-zA-Z0-9]*)\.(?<severity>[a-zA-Z0-9]*):\s(?<message>.*)$/
Time_Key time
Time_Format %Y-%m-%d %H:%M:%S