Hi,

This is my first post here, so I have to start by thanking all the contributors for an awesome product :)

My question is about adding an array to a JSON document. What I'm trying to do is to send a message like this:

@cee: {"message": "test message", "tags":["test", "message"]}

My template looks a like this:

template("@cee: $(format-json --pair message=\"$MSG\" --pair tags="test")\n")

This works fine for a single tag, but how can I add multiple ones?

The broader use-case is that I want to add tags to logs matching a specific filter. For example:
----------------------
filter user_tests { facility(user) and message(test) };

destination logsene_tests {
    syslog("logsene-receiver-syslog.sematext.com"
      transport("tcp")
      port(514)
      template("@cee: $(format-json --pair message=\"$MSG\" --pair tags=\"test\")\n")
    );
};

log { source(all_syslog); filter(user_tests); destination(logsene_tests); flags(final); };
----------------------

If there's a better way to add multiple tags to a log, please tell me - I'm good with making big changes if it leads to a cleaner/better config.

Best regards,
Radu
--
Performance Monitoring * Log Analytics * Search Analytics
Solr & Elasticsearch Support * http://sematext.com/