One of the common questions on Fluentd is "does Fluentd handle my log?" At the moment, the answer to this question comes down to one of the following three:
- Yes, with in_xxx plugin
- Yes, if you use in_tail with a custom regex
- Yes, if you extend an existing plugin or write a new one =p
While we can't expect to meet all needs with our core plugins (and that's why there are 3rd party plugins), we want to make things easier and simpler.
One idea that I've been thinking about is adding Grok-like parser. For those who don't know what Grok is, it's a regex macro library originally developed by Jordan Sissel (of Logstash). A big upshot here is that a lot of grok patterns have already been written, and we can immediately take advantage of them.
I am imagining it to look like this from the config standpoint:
<source>
type tail
format grok
grok_pattern <your grok pattern here>
</source>
Feedback is more than welcome.
This would be awesome!