Detailed examples for specific outputs ๐Ÿ”—︎

Filter examples in Flows ๐Ÿ”—︎

YAML files for simple logging flows with filter examples.

GeoIP filter ๐Ÿ”—︎

apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
  name: geoip-sample
spec:
  filters:
    - tag_normaliser:
        format: ${namespace_name}.${pod_name}.${container_name}
    - parser:
        remove_key_name_field: true
        parse:
          type: nginx
    - geoip:
        geoip_lookup_keys: remote
        backend_library: geoip2_c
        records:
          - city: ${city.names.en["remote"]}
            location_array: '''[${location.longitude["remote"]},${location.latitude["remote"]}]'''
            country: ${country.iso_code["remote"]}
            country_name: ${country.names.en["remote"]}
            postal_code:  ${postal.code["remote"]}
  localOutputRefs:
    - null-output-sample
  match:
    - select:
        labels:
          app: nginx

Parser and tag normalizer ๐Ÿ”—︎

apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
  name: flow-sample
  namespace: default
spec:
  filters:
    - parser:
        remove_key_name_field: true
        parse:
          type: nginx
    - tag_normaliser:
        format: ${namespace_name}.${pod_name}.${container_name}
  localOutputRefs:
    - s3-output
  match:
    - select:
        labels:
          app: nginx

Dedot filter ๐Ÿ”—︎

apiVersion: logging.banzaicloud.io/v1beta1
kind: Flow
metadata:
  name: flow-sample
  namespace: default
spec:
  filters:
    - parser:
        remove_key_name_field: true
        parse:
          type: nginx
    - tag_normaliser:
        format: ${namespace_name}.${pod_name}.${container_name}
    - dedot: {}
  localOutputRefs:
    - s3-output
  match:
    - select:
        labels:
          app: nginx