nsyslog
Version:
Modular new generation log agent. Reads, transform, aggregate, correlate and send logs from sources to destinations
103 lines (96 loc) • 1.95 kB
JSON
{
"config" : {
"datadir" : "/tmp/nsyslog2",
"input" : {"maxPending" : 1000},
"buffer" : {"maxPending": 1000},
"processor" : {"maxPending": 1000},
"transporter" : {"maxPending": 1000}
},
"inputs" : {
"file" : {
"type" : "file",
"when" : {
"filter": false,
"bypass": false
},
"config" : {
"path" : "/var/log/**/*.log",
"watch" : true,
"readmode" : "offset",
"offset" : "start"
}
}
},
"processors" : {
"timestamp" : {
"type" : "timestamp",
"config" : {}
},
"seq" : {
"type" : "sequence",
"config" : {
"start" : 0
}
},
"totuple" : {
"type" : "properties",
"config" : {
"deep" : false,
"extend" : true,
"set" : {
"tuple" : ["${originalMessage}", "${timestamp}", "${filename}"]
}
}
},
"fromtuple" : {
"type" : "properties",
"config" : {
"deep" : false,
"extend" : true,
"set" : {
"count" : "${tuple[0]}",
"tokens" : "${tuple[1]}"
}
}
},
"tokenize" : {
"type" : "multilang",
"config" : {
"path" : "node /opt/nsyslog/multilang/js/tokenize.js",
"cores" : 4,
"wire" : "group",
"field" : "${filename}",
"module" : false,
"input" : "${tuple}",
"output" : "tuple",
"options" : {
"timeout" : 100
}
}
}
},
"processorGroups" : {
"alltoken" : ["totuple","tokenize","fromtuple"]
},
"transporters" : {
"log" : {
"type" : "console",
"config" : {"format" : "${seq} : ${count} => ${tokens}", "level" : "log"}
},
"file" : {
"type" : "file",
"config" : {
"path" : "/var/logout${path}"
}
},
"null" : {
"type" : "null"
}
},
"transporterGroups" : {
"all" : {"mode" : "parallel", "transporters" : ["null","file"]}
},
"flows" : [
{"from":"*", "processors":["timestamp","$alltoken"], "transporters":"$all"}
]
}