Skip to content

Instantly share code, notes, and snippets.

@wrouesnel

wrouesnel/gist:418fc39f70f04ad2ab56b099c6955540

Created April 12, 2017 17:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wrouesnel/418fc39f70f04ad2ab56b099c6955540 to your computer and use it in GitHub Desktop.
Save wrouesnel/418fc39f70f04ad2ab56b099c6955540 to your computer and use it in GitHub Desktop.
Download ZIP
rsyslog for structured output
Raw
gistfile1.txt
module(load="imfile" mode="inotify")
input(type="imfile"
Tag="log"
File="/run/*.log"
Ruleset="applogs"
addMetadata="on")
template(name="jsonfmt" type="list") {
property(name="timegenerated" dateformat="rfc3339")
constant(value=" ")
property(name="$!service")
constant(value=" : ")
property(name="msg")
constant(value="\n")
}
ruleset(name="applogs") {
set $!service=re_extract($!metadata!filename, "(.*)/([^/]*)", 0, 2, "unknown");
action(type="ompipe" Pipe="/proc/1/fd/1" template="jsonfmt")
stop
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment