filtergrok

package

v0.0.0-...-c13075e Latest Latest Go to latest Published: Apr 20, 2024 License: MIT Imports: 5 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tsaikd/gogstash

Links

Open Source Insights

README ¶

Synopsis

filter:
  - type: grok
    # (optional) grok patterns, default: ["%{COMMONAPACHELOG}"]
    match: ["%{COMMONAPACHELOG}"]
    # (optional) message field to parse, default: "message"
    source: "message"
    # (optional) grok patterns file path, default: empty
    patterns_path: "path/to/file"

NOTICE: If you using yaml config file, \ should be written in \\ in match patterns. For example: "\\[%{HTTPDATE:nginx.access.time}\\]".

Faster grok parser

If you need faster grok parse speed (by using C code binding regexp library: Onigmo), you can compile gogstash from source code.

A Dockerfile example:

FROM golang:alpine

ARG version

RUN apk --update add --no-cache ca-certificates git tzdata build-base

# build onigmo
WORKDIR /src/build/
RUN git clone https://github.com/k-takata/Onigmo.git --depth=1 \
  && cd Onigmo && ./configure && make && make install

WORKDIR /go/src/github.com/tsaikd/gogstash
COPY . /go/src/github.com/tsaikd/gogstash
RUN sed -i -e 's/github.com\/vjeantet\/grok/github.com\/tengattack\/grok/' /go/src/github.com/tsaikd/gogstash/filter/grok/filtergrok.go \
  && go get -d -v ./...
RUN go build -ldflags "-X main.Version=$version"

Documentation ¶

Index ¶

Constants
func InitHandler(ctx context.Context, raw config.ConfigRaw, control config.Control) (config.TypeFilterConfig, error)
type FilterConfig
- func DefaultFilterConfig() FilterConfig
- func (f *FilterConfig) Event(ctx context.Context, event logevent.LogEvent) (logevent.LogEvent, bool)

Constants ¶

View Source

const ErrorTag = "gogstash_filter_grok_error"

ErrorTag tag added to event when process module failed

View Source

const ModuleName = "grok"

ModuleName is the name used in config file

Variables ¶

This section is empty.

Functions ¶

func InitHandler ¶

func InitHandler(
	ctx context.Context,
	raw config.ConfigRaw,
	control config.Control,
) (config.TypeFilterConfig, error)

InitHandler initialize the filter plugin

Types ¶

type FilterConfig ¶

type FilterConfig struct {
	config.FilterConfig

	PatternsPath      string            `json:"patterns_path"`       // path to patterns file
	Patterns          map[string]string `json:"patterns"`            // pattern definitions
	Match             []string          `json:"match"`               // match pattern
	Source            string            `json:"source"`              // source message field name
	RemoveEmptyValues bool              `json:"remove_empty_values"` // remove empty values
	// contains filtered or unexported fields
}

FilterConfig holds the configuration json fields and internal objects

func DefaultFilterConfig ¶

func DefaultFilterConfig() FilterConfig

DefaultFilterConfig returns an FilterConfig struct with default values

func (*FilterConfig) Event ¶

func (f *FilterConfig) Event(ctx context.Context, event logevent.LogEvent) (logevent.LogEvent, bool)

Event the main filter event

Source Files ¶

View all Source files

filtergrok.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL