[heka] What timestamp_layout for UNIX time-stamp?

Mon, 14 Jul 2014 17:33:34 -0700 

What timestamp_layout should I use if I want to match a unix time-stamp (
seconds since epoch ) with the PayloadRegexDecoder?

I tried "1136239445", but my heka message is the current time not the time
in the message payload.

Gory details:

[hekad]

base_dir = "/tmp/hekad"


[nagios_log]

Type = "LogstreamerInput"

log_directory = "/var/log/nagios/"

file_match = 'nagios\.log'

decoder = "nagios_log_decoder"

hostname = "admin.pubfactory.com"


[nagios_log_decoder]

Type = "PayloadRegexDecoder"

match_regex = '^\[(?P<nagios_epoch>\d+)\] (?P<nagios_type>HOST
NOTIFICATION):
(?P<nagios_notifyname>\S+);(?P<nagios_hostname>\S+);(?P<nagios_state>.+);(?P<nagios_contact>\S+);(?P<nagios_message>.+)'

timestamp_layout = '1136239445'

timestamp_location = 'America/New_York'

log_errors = false


[nagios_log_decoder.message_fields]

Type = "NagiosLogFile"

Timestamp = "%nagios_epoch%"

nagios_type = "%nagios_type%"

nagios_notifyname = "%nagios_notifyname%"

nagios_hostname = "%nagios_hostname%"

nagios_state = "%nagios_state%"

nagios_contact = "%nagios_contact%"

nagios_message = "%nagios_message%"


[debug]

type = "LogOutput"

message_matcher = "Logger == 'nagios_log'"

#message_matcher = "TRUE"


2014/07/14 19:38:43 <

Timestamp: 2014-07-14 19:38:43.273791521 -0400 EDT

Type: NagiosLogFile

Hostname: admin.pubfactory.com

Pid: 0

UUID: 20c65961-890c-4ef0-9967-44cd17dde0a6

Logger: nagios_log

Payload: [1405368416] HOST NOTIFICATION:
preston;voices.revealdigital.com;DOWN;notify-host-by-email;Unknown
BPI Group Index


EnvVersion:

Severity: 7

Fields: [name:"Timestamp" value_type:STRING representation:""
value_string:"1405368416"  name:"nagios_type" value_type:STRING
representation:"" value_string:"HOST NOTIFICATION"
 name:"nagios_notifyname" value_type:STRING representation:""
value_string:"preston"  name:"nagios_hostname" value_type:STRING
representation:"" value_string:"voices.revealdigital.com"
 name:"nagios_state" value_type:STRING representation:""
value_string:"DOWN"  name:"nagios_contact" value_type:STRING
representation:"" value_string:"notify-host-by-email"
 name:"nagios_message" value_type:STRING representation:""
value_string:"Unknown BPI Group Index" ]

>

-- 
Augie Schwer    -    [email protected]    -    http://schwer.us

_______________________________________________
Heka mailing list
[email protected]
https://mail.mozilla.org/listinfo/heka

Reply via email to