Bernhard Mallinger
--- a/fluentd/conf/fluent.conf 0 → 100644

+ 49

− 0
+++ b/fluentd/conf/fluent.conf 0 → 100644

+ 49

− 0
+<system>
+  log_level debug
+</system>
+
+<source>
+  @type forward
+  port 24224
+  bind 0.0.0.0
+</source>
+
+<match docker.apache2>
+  @type rewrite_tag_filter
+  <rule>
+    key source
+    pattern /^(.*)$/
+    tag $1.${tag}
+  </rule>
+</match>
+
+<filter stdout.docker.apache2>
+  @type parser
+  key_name log
+  reserve_data true
+  <parse>
+   @type regexp
+   # this is basically apache2 but also has the request time at the end as extra field
+   expression /^(?<host>[^ ]*) [^ ]* (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<path>[^ ]*) +\S*)?" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")? (?<request_serve_duration>[^ ]*)$/
+   time_format %d/%b/%Y:%H:%M:%S %z
+   types request_serve_duration:integer
+  </parse>
+</filter>
+
+<match *.**>
+  @type copy
+
+  <store>
+    @type elasticsearch
+    host elasticsearch
+    port 9200
+    logstash_format true
+    logstash_prefix fluentd
+    logstash_dateformat %Y%m%d
+    include_tag_key true
+    type_name access_log
+    tag_key @log_name
+    flush_interval 1s
+  </store>
+
+</match>