Class: LogStash::Filters::Syslog_pri

Inherits:

Base

Object
Base
LogStash::Filters::Syslog_pri

Defined in:: lib/logstash/filters/syslog_pri.rb

Overview

Filter plugin for logstash to parse the ‘PRI` field from the front of a Syslog (RFC3164) message. If no priority is set, it will default to 13 (per RFC).

Instance Method Summary collapse

#filter(event) ⇒ Object

def register.
#initialize(*params) ⇒ Syslog_pri constructor

A new instance of Syslog_pri.
#register ⇒ Object

Constructor Details

#initialize(*params) ⇒ `Syslog_pri`

Returns a new instance of Syslog_pri.

# File 'lib/logstash/filters/syslog_pri.rb', line 61

def initialize(*params)
  super

  @facility_code_key = ecs_select[disabled:'syslog_facility_code', v1:'[log][syslog][facility][code]']
  @severity_code_key = ecs_select[disabled:'syslog_severity_code', v1:'[log][syslog][severity][code]']

  @facility_label_key = ecs_select[disabled:'syslog_facility', v1:'[log][syslog][facility][name]']
  @severity_label_key = ecs_select[disabled:'syslog_severity', v1:'[log][syslog][severity][name]']

  # config parameter default:
  @syslog_pri_field_name ||= ecs_select[disabled:'syslog_pri', v1:'[log][syslog][priority]']
end

Instance Method Details

#filter(event) ⇒ `Object`

def register

# File 'lib/logstash/filters/syslog_pri.rb', line 78

def filter(event)
  parse_pri(event)
  filter_matched(event)
end

#register ⇒ `Object`



74
75
76

# File 'lib/logstash/filters/syslog_pri.rb', line 74

def register
  # Nothing
end