mirror/iopsys-feed
1
0
Fork 0
mirror of https://dev.iopsys.eu/feed/iopsys.git synced 2025-12-10 07:44:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fluent-bit: align kmsg output fields with syslog fields

Browse source 
- this allows for a better mapping to the data model
- this reduces load on fluent-bit because now one OUTPUT section
  is sufficient (earlier we needed two output sections because of
  two different templates)
This commit is contained in:
Mohd Husaam Mehdi 2025-08-04 14:27:43 +05:30
parent 27b9fb9350
commit 1c17fed77d
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
fluent-bit/patches/0005-kmsg_log.patch
View file

@ -1,5 +1,5 @@
diff --git a/plugins/in_kmsg/in_kmsg.c b/plugins/in_kmsg/in_kmsg.c
index cd5c4cd17..9524cf194 100644
index cd5c4cd17..63d61405e 100644
--- a/plugins/in_kmsg/in_kmsg.c
+++ b/plugins/in_kmsg/in_kmsg.c
@@ -165,6 +165,15 @@ static inline int process_line(const char *line,
@ -18,14 +18,19 @@ index cd5c4cd17..9524cf194 100644
/* Now process the human readable message */
p = strchr(p, ';');
if (!p) {
@@ -198,7 +207,10 @@ static inline int process_line(const char *line,
@@ -197,8 +206,14 @@ static inline int process_line(const char *line,
FLB_LOG_EVENT_CSTRING_VALUE("usec"),
FLB_LOG_EVENT_UINT64_VALUE(tv.tv_usec),
FLB_LOG_EVENT_CSTRING_VALUE("msg"),
- FLB_LOG_EVENT_CSTRING_VALUE("msg"),
- FLB_LOG_EVENT_STRING_VALUE((char *) p, line_len - 1));
+ FLB_LOG_EVENT_CSTRING_VALUE("ident"),
+ FLB_LOG_EVENT_STRING_VALUE("kernel", 6),
+
+ FLB_LOG_EVENT_CSTRING_VALUE("message"),
+ FLB_LOG_EVENT_STRING_VALUE((char *) p, line_len - 1),
+
+ FLB_LOG_EVENT_CSTRING_VALUE("syslog_ts"),
+ FLB_LOG_EVENT_CSTRING_VALUE("time"),
+ FLB_LOG_EVENT_STRING_VALUE(syslog_ts, syslog_ts_len));
}