Parser
Parser filters can be used to extract key-value pairs from message data. Logging operator currently supports the following parsers:
Regexp parser
The regexp parser can use regular expressions to parse fields from a message.
filters:
- parser:
regexp:
patterns:
- ".*test_field -> (?<test_field>.*)$"
prefix: .regexp.
For details, see the syslog-ng documentation.
Syslog parser
The syslog parser can parse syslog messages. For details, see the syslog-ng documentation.
filters:
- parser:
syslog-parser: {}
Configuration
Parser
regexp (*RegexpParser, optional) {#parser-regexp}
Default: -
syslog-parser (*SyslogParser, optional) {#parser-syslog-parser}
Default: -
Regexp parser
patterns ([]string, required) {#regexp parser-patterns}
The regular expression patterns that you want to find a match. regexp-parser() supports multiple patterns, and stops the processing at the first successful match.
Default: -
prefix (string, optional) {#regexp parser-prefix}
Insert a prefix before the name part of the parsed name-value pairs to help further processing.
Default: -
template (string, optional) {#regexp parser-template}
Specify a template of the record fields to match against.
Default: -
flags ([]string, optional) {#regexp parser-flags}
Pattern flags
Default: -
SyslogParser
flags ([]string, optional)
Pattern flags
Default: -