Filter examples in Flows
YAML files for simple logging flows with filter examples.
GeoIP filter
apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
name: geoip-sample
spec:
filters:
- tag_normaliser:
format: ${namespace_name}.${pod_name}.${container_name}
- parser:
remove_key_name_field: true
parse:
type: nginx
- geoip:
geoip_lookup_keys: remote
backend_library: geoip2_c
records:
- city: ${city.names.en["remote"]}
location_array: '''[${location.longitude["remote"]},${location.latitude["remote"]}]'''
country: ${country.iso_code["remote"]}
country_name: ${country.names.en["remote"]}
postal_code: ${postal.code["remote"]}
localOutputRefs:
- null-output-sample
match:
- select:
labels:
app: nginxParser and tag normalizer
apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
name: flow-sample
namespace: default
spec:
filters:
- parser:
remove_key_name_field: true
parse:
type: nginx
- tag_normaliser:
format: ${namespace_name}.${pod_name}.${container_name}
localOutputRefs:
- s3-output
match:
- select:
labels:
app: nginx
Dedot filter
apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
name: flow-sample
namespace: default
spec:
filters:
- parser:
remove_key_name_field: true
parse:
type: nginx
- tag_normaliser:
format: ${namespace_name}.${pod_name}.${container_name}
- dedot: {}
localOutputRefs:
- s3-output
match:
- select:
labels:
app: nginxMultiple format
apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
name: flow-sample
spec:
filters:
- parser:
parse:
type: multi_format
patterns:
- format: nginx
- format: regexp
expression: /^\[(?<logtime>[^\]]*)\] (?<name>[^ ]*) (?<title>[^ ]*) (?<id>\d*)$/
- format: none
remove_key_name_field: true
reserve_data: true
localOutputRefs:
- s3-output
match:
- select:
labels:
app.kubernetes.io/instance: nginx-demo
app.kubernetes.io/name: nginx-logging-demo
Last modified February 7, 2025: Merge pull request #277 from vfaergestad/docs-dup-line (d5fb6a4)