Parser

Parser filters can be used to extract key-value pairs from message data. Logging operator currently supports the following parsers:

Regexp parser

The regexp parser can use regular expressions to parse fields from a message.

  filters:
  - parser:
      regexp:
        patterns:
        - ".*test_field -> (?<test_field>.*)$"
        prefix: .regexp.

For details, see the documentation of the AxoSyslog syslog-ng distribution.

Syslog parser

The syslog parser can parse syslog messages. For details, see the documentation of the AxoSyslog syslog-ng distribution.

  filters:
  - parser:
      syslog-parser: {}

Configuration

Parser

regexp (*RegexpParser, optional)

Default: -

syslog-parser (*SyslogParser, optional)

Default: -

Regexp parser

patterns ([]string, required)

The regular expression patterns that you want to find a match. regexp-parser() supports multiple patterns, and stops the processing at the first successful match. For details, see the regexp-parser() documentation of the AxoSyslog syslog-ng distribution.

Default: -

prefix (string, optional)

Insert a prefix before the name part of the parsed name-value pairs to help further processing. For details, see the regexp-parser() documentation of the AxoSyslog syslog-ng distribution.

Default: -

template (string, optional)

Specify a template of the record fields to match against. For details, see the regexp-parser() documentation of the AxoSyslog syslog-ng distribution.

Default: -

flags ([]string, optional)

Flags to influence the behavior of the regexp-parser(). For details, see the regexp-parser() documentation of the AxoSyslog syslog-ng distribution.

Default: -

SyslogParser

flags ([]string, optional)

Flags to influence the behavior of the syslog-parser(). For details, see the syslog-parser() documentation of the AxoSyslog syslog-ng distribution.

Default: -

Last modified August 31, 2023: Merge pull request #181 from kube-logging/lo-4.3-image-versions (2c7faf2)