[syslog-ng] (no subject)
Radu Gheorghe
radu.gheorghe at sematext.com
Fri Jul 18 18:57:13 CEST 2014
Hi,
This is my first post here, so I have to start by thanking all the
contributors for an awesome product :)
My question is about adding an array to a JSON document. What I'm trying to
do is to send a message like this:
@cee: {"message": "test message", "tags":["test", "message"]}
My template looks a like this:
template("@cee: $(format-json --pair message=\"$MSG\" --pair
tags="test")\n")
This works fine for a single tag, but how can I add multiple ones?
The broader use-case is that I want to add tags to logs matching a specific
filter. For example:
----------------------
filter user_tests { facility(user) and message(test) };
destination logsene_tests {
syslog("logsene-receiver-syslog.sematext.com"
transport("tcp")
port(514)
template("@cee: $(format-json --pair message=\"$MSG\" --pair
tags=\"test\")\n")
);
};
log { source(all_syslog); filter(user_tests); destination(logsene_tests);
flags(final); };
----------------------
If there's a better way to add multiple tags to a log, please tell me - I'm
good with making big changes if it leads to a cleaner/better config.
Best regards,
Radu
--
Performance Monitoring * Log Analytics * Search Analytics
Solr & Elasticsearch Support * http://sematext.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20140718/f78c5a99/attachment.htm
More information about the syslog-ng
mailing list