From: vaibhav.jain1 <vaibhav.jain1@amdocs.com>
Date: Tue, 10 Oct 2017 13:03:09 +0000 (+0530)
Subject: Extract componentName from the source path of logs
X-Git-Tag: 2.0.0-ONAP~31
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=67dd405f4ace36a06a6c75341016c081c1cb3316;p=logging-analytics.git

Extract componentName from the source path of logs

The current source path for log files is:
/var/log/onap/<component_name>/<sub-component_name>. A grok filter has
been added to extract the forth token as the component name from this
source path.

Change-Id: Ic95eb9c3b5189cc8a9fecc25d498809a4095eba6
Issue-ID: LOG-74
Signed-off-by: vaibhav.jain1 <vaibhav.jain1@amdocs.com>
---

diff --git a/elasticstack/logstash/conf/onap-pipeline.conf b/elasticstack/logstash/conf/onap-pipeline.conf
index 5b32038..a382edc 100644
--- a/elasticstack/logstash/conf/onap-pipeline.conf
+++ b/elasticstack/logstash/conf/onap-pipeline.conf
@@ -130,6 +130,7 @@ filter {
       "message" => ["%{TIMESTAMP_ISO8601:Timestamp}\t%{GREEDYDATA:Thread}\t%{SPACE}%{LOGLEVEL:loglevel}%{SPACE}\t%{JAVACLASS:Logger}\t(?:[^\t]+\t)*%{GREEDYDATA:message}",
                     "(?<MDCs>.*\t)"
                    ]
+	  "source" => ["/var/log/onap/(?<componentName>[^/]+)/"]
     }
     overwrite => ["message"]
   }