https://github.com/fluent-plugins-nursery/fluent-plugin-map
fluent-plugin-map is the non-buffered plugin that can convert an event log to different event log(s)
https://github.com/fluent-plugins-nursery/fluent-plugin-map
fluentd fluentd-plugin record-manipulation
Last synced: about 1 year ago
JSON representation
fluent-plugin-map is the non-buffered plugin that can convert an event log to different event log(s)
- Host: GitHub
- URL: https://github.com/fluent-plugins-nursery/fluent-plugin-map
- Owner: fluent-plugins-nursery
- License: apache-2.0
- Created: 2012-07-09T17:08:33.000Z (almost 14 years ago)
- Default Branch: master
- Last Pushed: 2021-03-11T02:38:30.000Z (over 5 years ago)
- Last Synced: 2025-04-30T08:55:05.317Z (about 1 year ago)
- Topics: fluentd, fluentd-plugin, record-manipulation
- Language: Ruby
- Size: 70.3 KB
- Stars: 14
- Watchers: 8
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.markdown
- License: LICENSE
Awesome Lists containing this project
README
# fluent-plugin-map
[](https://travis-ci.org/fluent-plugins-nursery/fluent-plugin-map)
fluent-plugin-map(out\_map) is the non-buffered plugin that can convert an event log to different event log(s)
## Requirements
| fluent-plugin-map | fluentd | ruby |
|-------------------|---------|------|
| >= 0.2.0 | >= v0.14.0 | >= 2.1 |
| < 0.2.0 | >= v0.12.0 | >= 1.9 |
## MapFilter
### Configuration
| parameter | description | default |
|-----------|--------------------------------------------------------------------------------------------------------------------------------------------------------|---------|
| map | Specify rule to convert an event log | nil |
| time | Specify rule to convert a time. The format of time is an integer number of seconds since the Epoch | nil |
| record | Specify rule to convert a record.The format of record is hash. | nil |
| multi | Enable to output multi logs | `false` |
| timeout | Specify timeout | `1` |
| format | Specify format. If `map` is specified, the format is `map`. If `time` and `record` is specified, the format is `record`. (`map`, `record`, `multimap`) | nil |
### Example
This sample config filter code file and time file.
@type tail
format apache
path /var/log/httpd-access.log
tag tag
@label @raw
@type copy
@type relabel
@label @code
@type relabel
@label @time
@type map
map ([time, {"code" => record["code"].to_i}])
@type file
path code.log
@type map
map ([time, {"time" => record["time"].to_i}])
@type file
path time.log
The parameter "map" can use 2 variables in event log; time, record. The format of time is an integer number of seconds since the Epoch. The format of record is hash.
The config file parses # as the begin of comment. So the "map" value cannot use #{tag} operation.
This plugin can output multi logs by seting multi to true.
If you don't use multi option, you can use time, record parameter. The 2 following filter directive is same:
@type map
map ([time, {"code" => record["code"].to_i}])
@type map
time time
record ({"code" => record["code"].to_i})
## MapOutput
### Configuration
| parameter | description | default |
|-----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|
| map | Specify rule to convert an event log | nil |
| time | Specify rule to convert a time. The format of time is an integer number of seconds since the Epoch | nil |
| record | Specify rule to convert a record.The format of record is hash. | nil |
| multi | Enable to output multi logs | `false` |
| timeout | Specify timeout | `1` |
| format | Specify format. If `map` is specified, the format is `map`. If `time` and `record` and (`tag` or `key`) are specified, the format is `record`. (`map`, `record`) | nil |
| key | Specify the key in record. This parameter is deprecated. | nil |
| tag | Specify the tag in record | nil |
### Example
This sample config output code file and time file.
@type tail
format apache
path /var/log/httpd-access.log
tag tag
@type map
map ([["code." + tag, time, {"code" => record["code"].to_i}], ["time." + tag, time, {"time" => record["time"].to_i}]])
multi true
@type file
path code.log
@type file
path time.log
The parameter "map" can use 3 variables in event log; tag, time, record. The format of time is an integer number of seconds since the Epoch. The format of record is hash.
The config file parses # as the begin of comment. So the "map" value cannot use #{tag} operation.
This plugin can output multi logs by seting multi to true.
If you don't use multi option, you can use key, time, record parameter. The 2 following match directive is same:
@type map
map (["code." + tag, time, {"code" => record["code"].to_i}])
@type map
tag ("code." + tag)
time time
record ({"code" => record["code"].to_i})
## Note
you have to wrap some configuration values with parenthesis like `("code." + tag)`, to avoid parsing by Fluentd itself.
See also: [Config File Syntax - Fluentd](https://docs.fluentd.org/configuration/config-file#format-tips)
## Copyright
* Copyright (c) 2015- Tomita Kohei
* Apache License, Version 2.0