fluent-plugin-filter
Component
FilterOutput
Filtering messages by simple allow/deny rules.
Installation
Add this line to your application’s Gemfile:
gem 'fluent-plugin-filter'
And then execute:
$ bundle
Or install it yourself as:
$ gem install fluent-plugin-filter
Configuration
FilterOutput
Filter out messages contains {status : 404}
:
<match accesslog.**>
type filter
all allow
deny status: 404
</match>
<match filtered.**>
type stdout
</match>
in above configuration, {status: 404}
is filtered out and {status: 200}
, {status: 303}
, {status: 401}
passed. Messages passing filter are add_prefix (default filtered.)
So you catch “filtered” tag and do next process.
You can use int, float, string, regexp in value.
FilterFilter
In fluentd >= 0.12, we can use ‘filter` declarative. So release Filter filter:
<filter accesslog.**>
type filter
all allow
deny status: 404
</filter>
Thanks to @cosmo0920
Parameters
all <allow|deny>
Specify basic policy.
allow field:<Pattern> / deny field:<Pattern>
Specify each field policies. If a value for the field matches the pattern, the allow or deny rule is applied.
Pattern := <String|Integer|Float|Regexp>
Patten is parsed by following rules.
-
Integer: a value consisted of degits without “.”. e.g. status:200, price:10000
-
Float: a value consisted of degits with “.” (if you force the value float, set 200.0). e.g. average:145.0
-
Regexp: a value starting with “/” and end with “/”. e.g. path://user/d+/
-
thx @mmacvicar !
-
-
String: a value unmatched below rule or enveloped with " or '.
Contributing
-
Fork it
-
Create your feature branch (‘git checkout -b my-new-feature`)
-
Commit your changes (‘git commit -am ’Added some feature’‘)
-
Push to the branch (‘git push origin my-new-feature`)
-
Create new Pull Request