fluent-plugin-parser-cri icon indicating copy to clipboard operation
fluent-plugin-parser-cri copied to clipboard
verified publisher icon fluent

multiple log format support

Open karthiknagraj opened this issue 3 years ago • 0 comments

Hi, I have containers that emit logs in containerd format, Which is

2022-12-21T16:39:12.398315079Z stdout F 10.1.92.199 - - [21/Dec/2022:16:39:12 +0000] "GET / HTTP/1.1" 200 8430 "-" "kube-probe/1.24+" "-"

also, I have a few containers which emit logs in JSON format

2023-01-03T10:51:18.181368202Z stderr F  {"event":{"severity":"Critical","version":"1.0","eventName":"availability state","eventStatus":"UP"}}

Below is my current configuration:

<source>
  @type tail
  @id in_tail_container_logs
  path /var/log/containers/*.log
  exclude_path ["/var/log/containers/fluentd*.log"]
  pos_file /var/log/{{.ID}}-fluentd-containers.log.pos
  pos_file_compaction_interval 72h
  tag kubernetes.*
  read_from_head true
  follow_inodes true
  <parse>
    @type cri
    merge_cri_fields true
    time_format %Y-%m-%dT%H:%M:%S.%NZ
  </parse>
</source>

With the above Config, I am only getting logs that are in text format. How can I get logs of both text and JSON formats. Please let me know how I can achieve this goal. Thanks

karthiknagraj avatar Jan 03 '23 11:01 karthiknagraj