openstack/openstack-ansible
Code Issues Proposed changes
openstack-ansible/rpc_deployment/roles/logstash/templates/02-rsyslog.conf
d34dh0r53 6f6e75f549 Initial Commit
2014-08-26 18:08:15 -05:00

24 lines
749 B
Plaintext
Raw Blame History

filter {
# Look for rsyslog in the program name and tag it as such, otherwise it's an openstack log.
if [@fields][program] =~ /rsyslogd*/ {
mutate {
add_tag => [ "rsyslogd" ]
add_field => {
"os_program" => "rsyslogd"
"openstack_message" => "%{@message}"
"os_level" => "%{severity_label}"
}
remove_tag => [ "_grokparsefailure" ]
}
}
#---------------------------------------------------------------------------
# Parse & tag generic openstack log message
else {
grok {
match => { "@fields[program]" => "%{CONTAINER_STRIP:os_program}" }
remove_tag => [ "_grokparsefailure" ]
add_tag => [ "_parse_start", "%{os_program}", "openstack-generic" ]
}
}
}
View Git Blame Copy Permalink