Add description and sample for field cast pattern

yokawasa · Nov 24, 2017 · ff5f866 · ff5f866
1 parent a578f75
commit ff5f866
Show file tree

Hide file tree

Showing 3 changed files with 69 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -111,6 +111,41 @@ fluent-plugin-azure-loganalytics adds **time** and **tag** attributes by default
     tag_field_name mytag
 </match>
 ```
+### (3) Configuration with Typecast file
+
+You want to add typecast filter when you want to cast fields type. The filed type of code and size are cast by typecast filter.
+<u>fluent.conf</u>
+```
+<source>
+    @type tail                         # input plugin
+    path /var/log/apache2/access.log   # monitoring file
+    pos_file /tmp/fluentd_pos_file     # position file
+    format apache                      # format
+    tag azure-loganalytics.access      # tag
+</source>
+
+<filter **>
+    @type typecast
+    types host:string,user:string,method:string,path:string,referer:string,agent:string,code:integer,size:integer
+</filter>
+
+<match azure-loganalytics.**>
+    @type azure-loganalytics
+    customer_id 818f7bbc-8034-4cc3-b97d-f068dd4cd658
+    shared_key ppC5500KzCcDsOKwM1yWUvZydCuC3m+ds/2xci0byeQr1G3E0Jkygn1N0Rxx/yVBUrDE2ok3vf4ksCzvBmQXHw==(dummy)
+    log_type ApacheAccessLog
+    add_time_field true
+    time_field_name mytime
+    time_format %s
+    localtime true
+    add_tag_field true
+    tag_field_name mytag
+</match>
+```
+[note] you need to install [fluent-plugin-filter-typecast](https://github.com/sonots/fluent-plugin-filter_typecast) for the sample configuration above. 
+```
+gem install fluent-plugin-filter_typecast
+```
 
 ## Sample inputs and expected records
 

diff --git a/examples/fluent_typecast.conf b/examples/fluent_typecast.conf
@@ -0,0 +1,25 @@
+<source>
+    @type tail                         # input plugin
+    path /var/log/apache2/access.log   # monitoring file
+    pos_file /tmp/fluentd_pos_file     # position file
+    format apache                      # format
+    tag azure-loganalytics.access      # tag
+</source>
+
+<filter **>
+    @type typecast
+    types host:string,user:string,method:string,path:string,referer:string,agent:string,code:integer,size:integer
+</filter>
+
+<match azure-loganalytics.**>
+    @type azure-loganalytics
+    customer_id CUSTOMER_ID   # Customer ID aka WorkspaceID String
+    shared_key KEY_STRING     # The primary or the secondary Connected Sources client authentication key
+    log_type EVENT_TYPE_NAME  # The name of the event type. ex) ApacheAccessLog
+    add_time_field true
+    time_field_name mytime
+    time_format %s
+    localtime true
+    add_tag_field true
+    tag_field_name mytag
+</match>
diff --git a/test/plugin/test_azure_loganalytics.rb b/test/plugin/test_azure_loganalytics.rb
@@ -31,7 +31,7 @@ def test_configure
 
   def test_format
     d = create_driver
-    time = event_time("2011-01-02 13:14:15 UTC")
+    time = event_time("2017-11-24 01:14:15 UTC")
     d.run(default_tag: 'test') do
       d.feed(time, {"a"=>1})
       d.feed(time, {"a"=>2})
@@ -55,33 +55,33 @@ def test_write
       d.feed(
         time,
         {
-          :Log_ID => "5cdad72f-c848-4df0-8aaa-ffe033e75d57",
-          :date => "2016-12-10 09:44:32 JST",
-          :processing_time => "372",
+          :Log_ID => "5cdad72a-c848-4df0-8aaa-ffe033e75d57",
+          :date => "2017-11-24 01:44:32 JST",
+          :processing_time => 372,
           :remote => "101.202.74.59",
           :user => "-",
           :method => "GET / HTTP/1.1",
           :status => "304",
           :size => "-",
           :referer => "-",
           :agent => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:27.0) Gecko/20100101 Firefox/27.0",
-          :eventtime => "2016-12-10T09:44:32Z"
+          :eventtime => "2017-11-24T01:44:32Z"
         })
 
       d.feed(
         time,
         {
-          :Log_ID => "7260iswx-8034-4cc3-uirtx-f068dd4cd659",
-          :date => "2016-12-10 09:45:14 JST",
-          :processing_time => "105",
+          :Log_ID => "7260iswa-8034-4cc3-uirtx-f068dd4cd659",
+          :date => "2017-11-24 01:45:14 JST",
+          :processing_time => 105,
           :remote => "201.78.74.59",
           :user => "-",
           :method => "GET /manager/html HTTP/1.1",
           :status =>"200",
           :size => "-",
           :referer => "-",
           :agent => "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0",
-          :eventtime => "2016-12-10T09:45:14Z"
+          :eventtime => "2017-11-24T01:45:14Z"
         })
     end
     data = d.events