<match kubernetes.**>
@id kubernetes_nginx_tag
@type rewrite_tag_filter
@log_level trace
<rule>
key kubernetes_container_name
pattern /^ingress-nginx$/
tag kubernetes.nginx
</rule>
</match>
<filter kubernetes.nginx.**>
@id nginx_log_parser
@type parser
@log_level debug
key_name message
reserve_data true
<parse>
@type nginx
expression /"(?<remote_addr>[^ ]*) - \[(?<proxy_protocol_addr>[^ ]*)\] - (?<remote_user>[^ ]*) \[(?<time>[^\]]*)\] \\"(?<method>\S+[^ ]) (?<request>[^ ]*) (?<protocol>[^ ]*)\\" (?<code>[^ ]*) (?<size>[^ ]*) \\"(?<refer>[^ ]*?)\\" \\"(?<http_user_agent>[^ ].*)\\" (?<request_length>[^ ]*) (?<request_time>[^ ]*) \[(?<proxy_upstream_name>[^ ]*)\] (?<upstream_addr>[^ ]*) (?<upstream_resp_length>[^ ]*) (?<upstream_resp_time>[^ ]*) (?<upstream_status>[^ ]*) (?<req_id>[^ ]*)/
time_format %d/%b/%Y:%H:%M:%S %z
</parse>
</filter>
Created
June 7, 2019 21:24
-
-
Save BondAnthony/29b6f292bfdec6d5c779fd1328a0307e to your computer and use it in GitHub Desktop.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment