我真的是 fluentd 配置的新手,需要帮助才能将此 logstash 配置转换为 fluentd 以开始使用
filter {
if [syslog5424_host] =~ /apilog/ {
if [syslog5424_msg] =~ /\"ApplicationType\"\:\"API\"/ {
json {
source => "syslog5424_msg"
# Remove syslog5424_msg field only if json filter is successful
remove_field => ["syslog5424_msg", "syslog5424_sd", "syslog5424_proc", "syslog5424_pri", "syslog5424_ver", "syslog_facility", "syslog_facility_code"]
}
mutate {
add_tag => ["API"]
replace => { "type" => "api-dev" }
}
}
else {
mutate {
add_tag => ["API"]
}
}
}
}