K
Q

How to format logs in fluend while also adding additional fileds?

1/14/2020

I'd want to add additioanl fields to a json log, such as timestamp and metadata, while also keeping the log itself as a string value of a "message" key.

For example, if the log I'm receiving is {"Hello":"World"}, what I eventually want is to have the following:

{
 "timestamp":"2020-01-101T01:02:03",
 "metadata":{"foo":"bar"},
 "message": "{\"Hello\":\"World\"}"
}
-- Roman Vogman
fluentd
kubernetes

Similar Questions

kubernetes helm, jenkins lost token
Making kubectl apply command idempotent in ansible
Helm umbrella chart with mutual exclusive subcharts managed with a single flag
Helm Set Docker Image Tag Dynamically

1 Answer

5/21/2020

You're looking for filter_record_transformer.

Something like:

<filter foo.bar>
  @type record_transformer
  enable_ruby true
  <record>
    metadata '{"foo":"bar"}'
    timestamp ${time.iso8601}
  </record>
</filter>

Note: enable_ruby true is required to transform ${time} to the format you're after. If you don't need to manipulate strings or similar, you can leave that line out.

-- Ari
Source: StackOverflow