summaryrefslogtreecommitdiffstats
path: root/collectors/log2journal/tests.d/full.yaml
blob: 86cafb5a2a1189cbc625d5f8f98a6c7b5833c2f8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
pattern: |
  (?x)                                   # Enable PCRE2 extended mode
  ^
  (?<NGINX_REMOTE_ADDR>[^ ]+) \s - \s    # NGINX_REMOTE_ADDR
  (?<NGINX_REMOTE_USER>[^ ]+) \s         # NGINX_REMOTE_USER
  \[
    (?<NGINX_TIME_LOCAL>[^\]]+)          # NGINX_TIME_LOCAL
  \]
  \s+ "
  (?<MESSAGE>
    (?<NGINX_METHOD>[A-Z]+) \s+          # NGINX_METHOD
    (?<NGINX_URL>[^ ]+) \s+
    HTTP/(?<NGINX_HTTP_VERSION>[^"]+)
  )
  " \s+
  (?<NGINX_STATUS>\d+) \s+               # NGINX_STATUS
  (?<NGINX_BODY_BYTES_SENT>\d+) \s+      # NGINX_BODY_BYTES_SENT
  "(?<NGINX_HTTP_REFERER>[^"]*)" \s+     # NGINX_HTTP_REFERER
  "(?<NGINX_HTTP_USER_AGENT>[^"]*)"      # NGINX_HTTP_USER_AGENT

prefix: NGINX_

filename:
  key: NGINX_LOG_FILENAME

filter:
  include: '.*'
  exclude: '.*HELLO.*WORLD.*'

rename:
  - new_key: TEST1
    old_key: TEST2
  - new_key: TEST3
    old_key: TEST4

inject:
  - key: SYSLOG_IDENTIFIER
    value: 'nginx-log'
  - key: SYSLOG_IDENTIFIER2
    value: 'nginx-log2'
  - key: PRIORITY
    value: '${NGINX_STATUS}'
  - key: NGINX_STATUS_FAMILY
    value: '${NGINX_STATUS}${NGINX_METHOD}'

rewrite:
  - key: "PRIORITY"
    value: "${NGINX_STATUS}"
    inject: yes
    stop: no
  - key: "PRIORITY"
    match: "^[123]"
    value: 6
  - key: "PRIORITY"
    match: "^4"
    value: 5
  - key: "PRIORITY"
    match: "^5"
    value: 3
  - key: "PRIORITY"
    match: ".*"
    value: 4
  - key: "NGINX_STATUS_FAMILY"
    match: "^(?<first_digit>[1-5])"
    value: "${first_digit}xx"
  - key: "NGINX_STATUS_FAMILY"
    match: ".*"
    value: "UNKNOWN"

unmatched:
  key: MESSAGE
  inject:
    - key: PRIORITY
      value: 1
    - key: PRIORITY2
      value: 2