đź” Want to centralize and monitor your logs?
Go to Logtail and start your log management in 5 minutes.
Conditional statements can be seamlessly integrated into Fluentd's record_transformer plugin. Here’s how you can do it:
/etc/fluent/fluentd.conf
<filter mylogs>
@type record_transformer
enable_ruby true
<record>
is_successful ${record["status"] == 200 ? "true" : "false"}
</record>
</filter>
In this example, the record_transformer plugin is employed to add an is_successful field to the log records. The value of this field is determined by a ternary operator (a concise conditional statement). It sets is_successful to "true" if the status field equals 200, and "false" otherwise.
Consider the following dummy log source:
/etc/fluent/fluentd.conf
<source>
@type dummy
dummy '{"timestamp":"2024-01-27T08:33:17","severity":"ERROR"}'
format json
tag mylogs
</source>
You can apply a conditional statement to assess the contents of the severity field as follows:
/etc/fluent/fluentd.conf
...
<filter mylogs>
@type record_transformer
enable_ruby true
<record>
has_error ${record["severity"] == "ERROR" ? "true" : "false"}
</record>
</filter>
<match mylogs>
@type stdout
</match>
In this filter directive, the has_error field will be dynamically populated based on the conditional statement. If the severity field contains "ERROR", has_error is set to true, and false otherwise.
When Fluentd is executed, the logs will be augmented with the has_error field, reflecting the result of the conditional check:
Output
2024-01-29 05:26:50.076341943 +0000 mylogs: {"timestamp":"2024-01-27T08:33:17","severity":"ERROR","has_error":"true"}
In cases where the severity is anything other than "ERROR", the has_error field would be set to false:
Output
2024-01-29 05:26:50.076341943 +0000 mylogs: {"timestamp":"2024-01-27T08:33:17","severity":"INFO","has_error":"false"}
For more in-depth knowledge and various techniques on Fluentd, including conditional processing of log data, explore our comprehensive guide on collecting, processing, and shipping log data with Fluentd.
Got an article suggestion?
Let us know
Explore more
How to Add Tags to My Fluentd Events
Questions
How to Use Environmental Variables in Fluentd Config
Questions
How to Fix The “Pattern Not Match” Error in Fluentd
Questions
How to Rotate Log Files in Fluentd?
Questions
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
-
How to Add Tags to My Fluentd Events
Here is how you can add tags to Fluentd events. Let's assume you configured Fluentd to process Nginx access logs from the access.log file with a source configuration like this: @type tail pa...
Questions -
How to Use Environmental Variables in Fluentd Config
Fluentd, starting from version v1.13.0, allows the integration of environment variables within its configuration using the syntax #{ENV['YOUR_ENV_VARIABLE']}. For instance, if you've defined an env...
Questions -
How to Fix The “Pattern Not Match” Error in Fluentd
If you're new to FluentD and looking to build a solid foundation, consider checking out our comprehensive guide on how to collect, process, and ship log data with Fluentd. It provides valuable insi...
Questions -
How to Rotate Log Files in Fluentd?
Fluentd offers the capability to set up log rotation, particularly useful when managing large volumes of logs that consume significant disk space. This feature can be configured through Fluentd's s...
Questions