type norikra_filter
norikra localhost:26571
path /home/user/.rbenv/versions/jruby-1.7.4/bin/norikra
remove_tag_prefix event
target_map_tag yes
# or
# target_map_key KEYNAME
# or
# target_string TARGET_STRING
include *
exclude yyyymmdd,hhmmss
exclude_regexp f_.*
# OR
# exclude *
# include foo,bar,baz
# include_regexp status.*
field_boolean flag
field_integer status,duration,bytes
name pv_${target}
expression SELECT count(*) AS cnt FROM ${target}.win:time_batch(1 minutes) WHERE not flag
tag pv.${target}
# group pv_query_group # default: nil (default group)
fetch_interval 15s # default -> time_batch / 4 ? -> (none) -> 60s
# fetch_interval is ignored when section specified
name errors_${target}
expression SELECT count(*) AS cnt FROM ${target}.win:time_batch(1 minutes) WHERE status >= 500
tag errors.${target}
fetch_interval 15s
field_int display
name search_words
expression SELECT count(distinct query_search) AS cnt FROM ${target}.win:time_batch(1 minutes) WHERE query_search.length() > 0
tag search.words
name search_rate
expression SELECT count(*) AS cnt FROM ${target}.win:time_batch(1 minutes) WHERE query_search.length() > 0
tag search.rate
method sweep # listen(not implemented)
tag query_name
# tag field FIELDNAME
# tag string TAG_STRING
tag_prefix cep
interval 5s