One of my goals is to collect logs from a mail server and keep tabs on the number of messages and delivery delay to various ISPs. However, this requires some summarization, and I cannot see how to do this directly with the TICK stack.
I have to read from the log files using the telegref "tail" handler because I cannot alter the mail server itself to post the data directly into influx/telegraf. The transformation I need to make is to take the domain name of the destination and coalesce them into the ISP identifier. For example, hotmail would encompass all mail to msn.com, hotmail.com, outlook,com, live.com, and some others; yahoo includes the likes of yahoo.com, yahoo.co.uk, and so forth. I have a postgres function called `classify_isp($domain)` that I want to reproduce here. Any domain not matched goes into an "other" bucket. The result would be used as a tag in the datapoint called "isp". The result I want to ultimately compute is the total number of messages sent to those ISPs per time interval, and their delay over time (for display in Grafana). Is it possible to apply a transformation function to the value read from the file somewhere in the ingestion workflow either in telegraf or possibly kapacitor? I read through the documentation, but I cannot synthesize a solution for this myself and I found no examples online. Thanks for any advice on how to ingest this data. -- Remember to include the version number! --- You received this message because you are subscribed to the Google Groups "InfluxData" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/influxdb. To view this discussion on the web visit https://groups.google.com/d/msgid/influxdb/c8bcf1c8-b9c2-4b74-82c9-85efcfa18398%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
