Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Measurement configruation #66

Closed
tevjef opened this issue Jan 6, 2017 · 7 comments
Closed

Measurement configruation #66

tevjef opened this issue Jan 6, 2017 · 7 comments

Comments

@tevjef
Copy link

tevjef commented Jan 6, 2017
edited
Loading

Is there a way to choose or override the default measurement/series name? Currently it defaults to the fluentd tag which is not ideal in some configruations.
@repeatedly
Copy link
Collaborator

What does 'measurement name' mean?

@tevjef
Copy link
Author

tevjef commented Jan 6, 2017
edited
Loading

It seems like it is called "series" in the InfluxDB ruby library. Other InfluxDB libraries I've used (Go, Java, Javascript) call it the "measurement". An issue was raised in the library repo for this naming issue.

Here is the value I'd like to be customizable:
https://github.com/fangli/fluent-plugin-influxdb/blob/master/lib/fluent/plugin/out_influxdb.rb#L143

@irom77
Copy link

irom77 commented Jan 17, 2017

I have probably similar question. I got this plugin writing syslog to InfluxDB , but I don't like whole 'message' as InfluxDB tag like below

> select * from "syslog.local0.err" limit 1
name: syslog.local0.err
-----------------------
time                    host                            ident   message
1484667052000000000     MR-DC.com  1       30:52,001901000999,THREAT,vulnerability,1,2016/01/17 15:30:52,10.3.2.7,155.19.1.6,20.16.12.5,15.19.9.9,to INTERNET,wm\clustersqlservice,,ssh,vsys1,db_backups,isp2,ae1.22,ae3.32,LF-kibana,2016/01/17 15:30:52,67393685,1,49426,22,62473,22,0x80404000,tcp,alert,"",SSH User Authentication Brute Force Attempt(40015),any,high,client-to-server,7899681,0x0,10.0.0.0-10.255.255.255,US,0,,1490491961841411253,,,0,,,,,,,,0,38,0,0,0,PROD,MR-DC,

what I want is to use format csv (see commented below) and get field1,2,3 in InfluxDB, but once I try to uncomment it I don't receive anything in the InfluxDB

<source>
  @type syslog       
  bind 0.0.0.0      
  port 11514            
  tag syslog #syslog.local0.err local0.crit 
  #format csv
  #keys field1, field2, field3
</source>

@repeatedly
Copy link
Collaborator

Is measurement parameter enough?
Configuration example:

<match app.**>
  @type influxdb
  measurement foo # use foo instead of tag
</match>

I will implement this parameter soon.

@tevjef
Copy link
Author

tevjef commented Jan 18, 2017

That would be perfect!

@repeatedly repeatedly mentioned this issue Jan 18, 2017
Merged
@repeatedly
Copy link
Collaborator

Added and released v0.3.2. Try it!

@tevjef
Copy link
Author

tevjef commented Jan 22, 2017

Thanks! It works perfectly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@repeatedly @irom77 @tevjef