nsyslog
Version:
Modular new generation log agent. Reads, transform, aggregate, correlate and send logs from sources to destinations
57 lines (52 loc) • 901 B
JSON
{
"config" : {
"datadir" : "/tmp/nsyslog",
"input" : {"buffer" : 1000},
"process" : {"buffer": 1000}
},
"inputs" : {
"file" : {
"type" : "file",
"when" : {
"filter" : {
"$expr" : {"$eval":"${originalMessage}.indexOf('root')>=0"}
},
"match" : "process",
"nomatch" : "block"
},
"config" : {
"path" : "/var/log/**/*.log",
"watch" : false,
"readmode" : "offset",
"offset" : "start"
}
}
},
"processors" : {
"prop1" : {
"type" : "properties",
"config" : {
"set" : {
"ROOT" : true
}
}
}
},
"transporters" : {
"console" : {
"type" : "console",
"config" : {
"format" : "${JSON}"
}
},
"null" : {
"type" : "null"
}
},
"flows" : [
{
"from":"file",
"processors":["prop1"], "transporters":["null"], "mode":"parallel"
}
]
}