Parser filters can be used to extract key-value pairs from message data. Logging operator currently supports the following parsers:

Regexp parser 🔗︎

The regexp parser can use regular expressions to parse fields from a message.

  filters:
  - parser:
      regexp:
        patterns:
        - ".*test_field -> (?<test_field>.*)$"
        prefix: .regexp.

For details, see the syslog-ng documentation.

Syslog parser 🔗︎

The syslog parser can parse syslog messages. For details, see the syslog-ng documentation.

  filters:
  - parser:
      syslog-parser: {}

Configuration 🔗︎

Parser 🔗︎

regexp (*RegexpParser, optional) {#parser-regexp} 🔗︎

Default: -

syslog-parser (*SyslogParser, optional) {#parser-syslog-parser} 🔗︎

Default: -

Regexp parser 🔗︎

patterns ([]string, required) {#regexp parser-patterns} 🔗︎

The regular expression patterns that you want to find a match. regexp-parser() supports multiple patterns, and stops the processing at the first successful match.

Default: -

prefix (string, optional) {#regexp parser-prefix} 🔗︎

Insert a prefix before the name part of the parsed name-value pairs to help further processing.

Default: -

template (string, optional) {#regexp parser-template} 🔗︎

Specify a template of the record fields to match against.

Default: -

flags ([]string, optional) {#regexp parser-flags} 🔗︎

Pattern flags

Default: -

SyslogParser 🔗︎

flags ([]string, optional) 🔗︎

Pattern flags

Default: -