Open
Description
I want to use this plugin to catch failed records from Elasticsearch output (e.g. "rejected by Elasticsearch") to put them into "dead-letter" output. Those failed records are emitted as fluent.warn records, with original message stored in "record" key of whole log message. What I want is to take this "record" key and move it down to fluentd pipeline as whole message itself with new tag. I did not find any documentation describing this neither for record_transformer plugin neither this one.
Example of that is wanted:
Original record:
2020-05-21 10:34:35.497925679 +0000 fluent.warn:
{
"error": "#<Fluent::Plugin::ElasticsearchErrorHandler::ElasticsearchError: 400 - Rejected by Elasticsearch [error type]: mapper_parsing_exception [reason]: 'object mapping for [sample] tried to parse field [sample] as object, but found a concrete value'>",
"location": null,
"tag": "test.log",
"time": 1589206011,
"record": {
"foo": "bar",
"key": "value",
"sample": [],
"blah-blah": 133163771
},
"message": "dump an error event: error_class=Fluent::Plugin::ElasticsearchErrorHandler::ElasticsearchError error="400 - Rejected by Elasticsearch [error type]: mapper_parsing_exception [reason]: 'object mapping for [sample] tried to parse field [sample] as object, but found a concrete value'" location=nil tag="test.log" time=1589206011 record={\"foo\"=>\"bar\", \"key\"=>\"value\", \"sample\"=>[], \"blah-blah\"=>133163771}"
}
Modified record:
2020-05-21 10:34:36.497925679 +0000 dead.log:
{
"foo": "bar",
"key": "value",
"sample": [],
"blah-blah": 133163771
}
Metadata
Metadata
Assignees
Labels
No labels