我正在使用Riemann的默认配置设置:
; -*- mode: clojure; -*-
; vim: filetype=clojure
(logging/init {:file "riemann.log"})
; Listen on the local interface over TCP (5555), UDP (5555), and websockets
; (5556)
(let [host "127.0.0.1"]
(tcp-server {:host host})
(udp-server {:host host})
(ws-server {:host host}))
; Expire old events from the index every 5 seconds.
(periodically-expire 5)
(let [index (index)]
; Inbound events will be passed to these streams:
(streams
(default :ttl 60
; Index all events immediately.
index
; Log expired events.
(expired
(fn [event] (info "expired" event))))))
(streams
prn)
它正在输出事件(删除主机名):
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server tcp 127.0.0.1:5555 in latency 0.99", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server tcp 127.0.0.1:5555 in latency 0.999", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in rate", :state "ok", :description nil, :metric 0.0, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in latency 0.0", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in latency 0.5", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in latency 0.95", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in latency 0.99", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
#riemann.codec.Event{:host "xxxxxxxx", :service "riemann server udp 127.0.0.1:5555 in latency 0.999", :state "ok", :description nil, :metric nil, :tags nil, :time 722617016251/500, :ttl 20}
时间字段以UTC时间戳形式出现,使用上面的配置我如何才能为这些名为 date 的事件添加额外字段,以显示日期为dd-mm-yyyy hh:mm:ss格式?例如:
19-10-2015 05:00:00
我有一些似乎进行时间转换的功能,但我不确定如何在配置中实现它们:
(defn logstash-v1-format
"Convert an event to a Logstash V1 format compatible document"
[event]
(merge (dissoc event :time :attributes)
(:attributes event)
{"@timestamp" (unix-to-iso8601 (:time event))
"@version" "1"
}))
(defn time-at
"Returns the Date of a unix epoch time."
[unix-time]
(java.util.Date. (long (* 1000 unix-time))))
(defn unix-to-iso8601
"Transforms unix time to iso8601 string"
[unix]
(clj-time.format/unparse (clj-time.format/formatters :date-time)
(clj-time.coerce/from-long (long (* 1000 unix)))))
答案 0 :(得分:1)
答案是将索引括在:
(adjust #(assoc % :timestamp (.format (java.text.SimpleDateFormat. "yyyy-MM-dd'T'hh:mm:ss'Z'") (java.util.Date.)) ) prn index)
最终成为:
; -*- mode: clojure; -*-
; vim: filetype=clojure
(logging/init {:file "riemann.log"})
; Listen on the local interface over TCP (5555), UDP (5555), and websockets
; (5556)
(let [host "127.0.0.1"]
(tcp-server {:host host})
(udp-server {:host host})
(ws-server {:host host}))
; Expire old events from the index every 5 seconds.
(periodically-expire 5)
(let [index (index)]
; Inbound events will be passed to these streams:
(streams
(default :ttl 60
; Index all events immediately.
(adjust #(assoc % :timestamp (.format (java.text.SimpleDateFormat. "yyyy-MM-dd'T'hh:mm:ss'Z'") (java.util.Date.)) ) prn index)
; Log expired events.
(expired
(fn [event] (info "expired" event))))))