I am using the lastest Fluentd /td-agent. How to filter out liveness, readiness health check from Fluentd streaming to Elasticsearch? I would also like to exclude fluent.trace. Sample output seen from Kibana:
{
"_index": "aspnetapistarter.logs-2019.07.14",
"_type": "_doc",
"_id": "zFSL72sBodUyUY6Nychc",
"_version": 1,
"_score": null,
"_source": {
"@timestamp": "2019-07-14T08:13:59.1083593+00:00",
"level": "Information",
"messageTemplate": "{HostingRequestStartingLog:l}",
"message": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live ",
"fields": {
"Protocol": "HTTP/1.1",
"Method": "GET",
"ContentType": null,
"ContentLength": null,
"Scheme": "http",
"Host": "10.1.1.55:5000",
"PathBase": "",
"Path": "/health/live",
"QueryString": "",
"HostingRequestStartingLog": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live ",
"EventId": {
"Id": 1
},
"SourceContext": "Microsoft.AspNetCore.Hosting.Internal.WebHost",
"RequestId": "0HLO86B34CTB4:00000001",
"RequestPath": "/health/live",
"CorrelationId": null,
"ConnectionId": "0HLO86B34CTB4"
},
"renderings": {
"HostingRequestStartingLog": [
{
"Format": "l",
"Rendering": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live "
}
]
},
"tag": "aspnetcore"
},
"fields": {
"@timestamp": [
"2019-07-14T08:13:59.108Z"
]
},
"sort": [
1563092039108
]
}
I have tried this but doesn't work:
<filter fluent.*>
@type grep
<exclude>
key tag
pattern fluent.trace
</exclude>
</filter>
<filter aspnetcore-access>
@type grep
<exclude>
key fields.Path
pattern health
</exclude>
</filter>
<filter aspnetcore-access>
@type grep
<exclude>
key fields.RequestPath
pattern health
</exclude>
</filter>
Thanks. WTF is this: "It looks like your post is mostly code; please add some more details."
The exact syntax is here:
<filter foo.bar>
@type grep
<regexp>
key message
pattern /cool/
</regexp>
<regexp>
key hostname
pattern /^web\d+\.example\.com$/
</regexp>
<exclude>
key message
pattern /uncool/
</exclude>
</filter>
https://docs.fluentd.org/filter/grep
So for example you can try:
<filter aspnetcore-access>
@type grep
<exclude>
key message
pattern /health/
</exclude>
</filter>