K
Q

fluentd create tag based on key value

6/11/2018

Shipping logs from Kubernetes to Fluentd aggregator.

Is there a way to transform one of the key values into the tag value? For example there is key value for application_name. If this could be transformed into the tag value it would be possible to direct to different outputs.

Thanks,

-- user45097
fluentd
kubernetes

Similar Questions

Can't submit job with Flink 1.5 cluster
How to pass variables to a Kubernetes YAML file from Ansible?
Kuberentes - Minikube kubectl error: You must be logged in to the server
Spark Standalone on Kubernetes - application got finished after consecutive master then driver failure
kubernetes csi-sanity test fails in CheckPath method NodeUnPublish volume

2 Answers

6/12/2018

There is no way to edit the tag once the record is created.

The way to do this is to re-emit the record with the rewrite tag filter

You could do something like this:

<match kubernetes_logs>
  @type rewrite_tag_filter
  <rule>
    key application_name
    pattern (.+)
    tag $1
  </rule>
</match>

That said, this method makes fluentd to proccess twice as much records. If you only need to direct records to different endpoints, usually output plugins allow to filter records by key.

-- Ignacio Millán
Source: StackOverflow
6/11/2018

There is a fluentd record_transformer plugin. https://docs.fluentd.org/v1.0/articles/filter_record_transformer

<filter foo.bar>
  @type record_transformer
  <record>
    hostname "#{Socket.gethostname}"
    tag ${tag}
  </record>
</filter>

Example input: {"message":"hello world!"}

Example output : {"message":"hello world!", "hostname":"db001.internal.example.com", "tag":"foo.bar"}

-- Bal Chua
Source: StackOverflow