Esempio n. 1
// Filter runs the grok matcher over the event's message and copies the
// captures onto the event as fields. It is called once for every line that
// will be processed.
//
// Only match keys that contain ":" are used; the field name is whatever
// follows the first ":" in the key. An error from Match is returned unchanged,
// otherwise the result is nil.
func (gd *GrokData) Filter(evt *event.Event) error {
	captures, err := gd.grok.Match(evt.Message)
	if err != nil {
		return err
	}

	// The captured values are taken from the message text itself, so later
	// stages should treat these fields as untrusted input.
	// NOTE(review): two keys with the same suffix map to the same field name and
	// range order over a map is not fixed; presumably SetField overwrites, so
	// which value survives would vary between runs. Confirm.
	for key, value := range captures {
		sep := strings.Index(key, ":")
		if sep < 0 {
			continue
		}
		evt.SetField(key[sep+1:], value)
	}
	return nil
}
Esempio n. 2
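// Output serializes evt to JSON and submits it through core.Index to a daily
// index named "logstash-YYYY.MM.DD".
//
// It returns the serialization error when evt cannot be encoded, or the error
// reported by core.Index; on success it returns nil.
func (es *ElasticSearch) Output(evt *event.Event) error {
	// Serialize exactly once and stop on failure. Previously the event was
	// encoded twice, the first error was only logged, and the second was
	// overwritten by the core.Index result, so a document that failed to encode
	// was still submitted.
	data, err := evt.ToJSON()
	if err != nil {
		log.Printf("Error generating json: %v\n", err)
		return err
	}

	// NOTE(review): the index date comes from this process's local clock at
	// output time, not from the event; confirm that this matches how the
	// indices are queried and retained.
	now := time.Now()
	index := fmt.Sprintf("logstash-%d.%02d.%02d",
		now.Year(),
		now.Month(),
		now.Day())

	// NOTE(review): evt.Type is forwarded as given; if it can be derived from
	// log content, validate it before it reaches this call. The empty fourth
	// argument is presumably the document id. Confirm against core.Index.
	response, err := core.Index(true, index, evt.Type, "", string(data))
	if err != nil {
		log.Printf("Error: %+v %v\n", response, err)
		return err
	}
	return nil
}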