Sha256: d6f9af0c79b39bfd1293d92538b2a74f8b451ab940ff5dc0e743e389a0795312

Contents?: true

Size: 765 Bytes

Versions: 1

Compression:

Stored size: 765 Bytes

Contents

require 'fluent_plugin_filter_parse_audit_log/version'
require 'audit_log_parser-aeber'

# Fluentd filter, registered as 'parse_audit_log', that swaps a record for the
# result of running AuditLogParser.parse_line over one of its fields.
#
# Configuration parameters:
#   key       - name of the record field that holds the raw audit log line
#               (default: 'message').
#   flatten   - handed to AuditLogParser.parse_line as its flatten: option
#               (default: false).
#   keep_keys - optional list of field names copied from the incoming record
#               into the parsed one (default: nil, nothing is copied).
class FluentParseAuditLogFilter < Fluent::Filter
  Fluent::Plugin.register_filter('parse_audit_log', self)

  config_param :key, :string, default: 'message'
  config_param :flatten, :bool, default: false
  config_param :keep_keys, :array, default: nil

  # Parses the configured field of +record+ and returns the parsed record.
  #
  # @param tag [Object] event tag; not used by this filter
  # @param time [Object] event time; not used by this filter
  # @param record [Hash] incoming event record
  # @return [Object] the value returned by AuditLogParser.parse_line (with any
  #   keep_keys fields copied in), or the untouched +record+ when the
  #   configured field is missing/nil or when any StandardError is raised
  def filter(tag, time, record)
    line = record[@key]
    # Nothing to parse: pass the event through unchanged.
    return record unless line

    # NOTE(review): the return value is used as a Hash-like object below;
    # what parse_line returns for malformed input is not visible here.
    parsed = AuditLogParser.parse_line(line, flatten: @flatten)

    if @keep_keys
      @keep_keys.each do |name|
        # A kept field overwrites a parsed field of the same name, so values
        # from the original record take precedence over values from the line.
        parsed[name] = record[name] if record.key?(name)
      end
    end

    parsed
  rescue => e
    # Fail open: on any StandardError the original record continues downstream
    # unparsed, so the event is not lost but carries none of the parsed fields.
    # The warning embeds the raw line, so audit log content is written to this
    # plugin's own log output.
    log.warn "failed to parse a audit log: #{line}", error_class: e.class, error: e.message
    log.warn_backtrace
    record
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
fluent-plugin-filter-parse-audit-log-aeber-0.2.0 lib/fluent/plugin/filter_parse_audit_log.rb