pteich/gist:8d43ed6dadfaa74b8b6e

## gistfile1.txt
Regex:
^(?<host>[^ ]*) (?<logname>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] \"GET (?<request_uri>[^\?]+)\?(?<request_args>[^ ]*) (?<request_protocol>[^ ]*)\" (?<response>[^ ]*) (?<bytes>[^ ]*) \"(?<referrer>[^\"]*)\" \"(?<agent>[^\"]*)\" (?<duration>[^ ]*)

Time Format:
%d/%b/%Y:%H:%M:%S %z

fluent.conf
<source>
  type tail
  path /var/log/foo/bar.log
  pos_file /var/log/td-agent/foo-bar.log.pos
  tag foo.bar
  format /^(?<host>[^ ]*) (?<logname>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] \"GET (?<request_uri>[^\?]+)\?(?<request_args>[^ ]*) (?<request_protocol>[^ ]*)\" (?<response>[^ ]*) (?<bytes>[^ ]*) \"(?<referrer>[^\"]*)\" \"(?<agent>[^\"]*)\" (?<duration>[^ ]*)/
  time_format %d/%b/%Y:%H:%M:%S %z
</source>
	Regex:
	^(?<host>[^ ]) (?<logname>[^ ]) (?<user>[^ ]) \[(?<time>[^\]])\] \"GET (?<request_uri>[^\?]+)\?(?<request_args>[^ ]) (?<request_protocol>[^ ])\" (?<response>[^ ]) (?<bytes>[^ ]) \"(?<referrer>[^\"])\" \"(?<agent>[^\"])\" (?<duration>[^ ]*)

	Time Format:
	%d/%b/%Y:%H:%M:%S %z

	fluent.conf
	<source>
	type tail
	path /var/log/foo/bar.log
	pos_file /var/log/td-agent/foo-bar.log.pos
	tag foo.bar
	format /^(?<host>[^ ]) (?<logname>[^ ]) (?<user>[^ ]) \[(?<time>[^\]])\] \"GET (?<request_uri>[^\?]+)\?(?<request_args>[^ ]) (?<request_protocol>[^ ])\" (?<response>[^ ]) (?<bytes>[^ ]) \"(?<referrer>[^\"])\" \"(?<agent>[^\"])\" (?<duration>[^ ]*)/
	time_format %d/%b/%Y:%H:%M:%S %z
	</source>