Skip to content

Instantly share code, notes, and snippets.

I may be slow to respond.

Jannis Gebauer jayfk

I may be slow to respond.
View GitHub Profile
kiyoto /
Last active Oct 21, 2015
Grok in Fluentd?

One of the common questions on Fluentd is "does Fluentd handle my log?" At the moment, the answer to this question comes down to one of the following three:

  1. Yes, with in_xxx plugin
  2. Yes, if you use in_tail with a custom regex
  3. Yes, if you extend an existing plugin or write a new one =p

While we can't expect to meet all needs with our core plugins (and that's why there are 3rd party plugins), we want to make things easier and simpler.

One idea that I've been thinking about is adding Grok-like parser. For those who don't know what Grok is, it's a regex macro library originally developed by Jordan Sissel (of Logstash). A big upshot here is that a lot of grok patterns have already been written, and we can immediately take advantage of them.