// Called once for every line that will be processed
func (gd *GrokData) Filter(evt *event.Event) error {
//fmt.Println(evt.GetMessage())
match, err := gd.grok.Match(evt.Message)
if err != nil {
return err
}
for k, v := range match {
if strings.Contains(k, ":") {
newkey := strings.SplitN(k, ":", 2)[1]
evt.SetField(newkey, v)
}
}
return nil
}
