Match
Match filters can be used to select the log records to process. These filters have the same options and syntax as the syslog-ng flow match expressions.
filters:
- match:
or:
- regexp:
value: json.kubernetes.labels.app.kubernetes.io/name
pattern: apache
type: string
- regexp:
value: json.kubernetes.labels.app.kubernetes.io/name
pattern: nginx
type: string
Configuration
MatchExpr
and ([]MatchExpr, optional)
Default: -
not (*MatchExpr, optional)
Default: -
regexp (*RegexpMatchExpr, optional)
Default: -
or ([]MatchExpr, optional)
Default: -
Regexp Directive
Specify filtering rule. For details, see the AxoSyslog Core documentation
pattern (string, required)
Pattern expression to evaluate
Default: -
template (string, optional)
Specify a template of the record fields to match against.
Default: -
value (string, optional)
Specify a field name of the record to match against the value of.
Default: -
flags ([]string, optional)
Pattern flags
Default: -
type (string, optional)
Pattern type
Default: -
Example Regexp
filter configurations
apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
name: demo-flow
spec:
filters:
- match:
regexp:
- value: first
pattern: ^5\d\d$
match: {}
localOutputRefs:
- demo-output
Syslog-NG Config Result
log {
source(main_input);
filter {
match("^5\d\d$" value("first"));
};
destination(output_default_demo-output);
};
Last modified December 27, 2023: Version number bumps (00b4afd)