mdfranz/bind2nats.yml

## bind2nats.yml
data_dir: /var/lib/vector

sources:
  daemon_log:
    type: file
    include:
      - "/var/log/daemon.log"
    read_from: beginning

transforms:
  parse_bind:
    type: remap
    inputs:
      - daemon_log
    source: |
       .syslog = parse_syslog!(.message)
       .bind = parse_regex!(.syslog.message, r'^client @0x\S+ (?P<src>\S+)#[a-z0-9]+ \((?P<query>\S+)\):*')

sinks:
  nats:
    type: nats
    inputs:
      - parse_bind
    url: "nats://192.168.2.155:4222"
    subject: "{{ .syslog.appname}}.{{ .syslog.hostname }}"
    encoding:
      codec: json
	data_dir: /var/lib/vector

	sources:
	daemon_log:
	type: file
	include:
	- "/var/log/daemon.log"
	read_from: beginning

	transforms:
	parse_bind:
	type: remap
	inputs:
	- daemon_log
	source: \|
	.syslog = parse_syslog!(.message)
	.bind = parse_regex!(.syslog.message, r'^client @0x\S+ (?P<src>\S+)#[a-z0-9]+ \((?P<query>\S+)\):*')

	sinks:
	nats:
	type: nats
	inputs:
	- parse_bind
	url: "nats://192.168.2.155:4222"
	subject: "{{ .syslog.appname}}.{{ .syslog.hostname }}"
	encoding:
	codec: json