google-fluentd format for openvpn.log

Time: 2019-04-25 20:16:19

Tags: centos fluentd openvpn google-cloud-stackdriver google-cloud-logging

Has anyone written a (google) fluentd format parser for openvpn logs?

The openvpn log format looks like this:

# tail /etc/openvpn/openvpn.log    
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_LZ4=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_LZ4v2=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_LZO=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_COMP_STUB=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_COMP_STUBv2=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_TCPNL=1
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_GUI_VER="net.tunnelblick.tunnelblick_5180_3.7.8__build_5180)"
Tue Apr 23 14:36:13 2019 104.225.245.170:49687 PLUGIN_CALL: POST openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0

My current fluentd logging setup is

# cat /etc/google-fluentd/config.d/openvpn.conf 
<source>
  @type tail
  format none
  path /etc/openvpn/openvpn.log
  pos_file /var/lib/google-fluentd/pos/openvpn.pos
  read_from_head true
  tag openvpnlog
</source>

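However, using format none does not parse the date/time of the messages, and defaults to assuming the time the log was uploaded.

Does anyone know how to correctly specify a format that captures "Tue Apr 23 14:36:13 2019" as the datetime?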

0 answers:

No answers
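An added example, not part of the original question: a Ruby check of a regular expression with named captures and a strptime string against the log lines quoted above. These are the kinds of values that Fluentd's in_tail accepts in `format /.../` and `time_format`. The field names `client_ip`, `client_port` and `message` are hypothetical, the third sample line is constructed, and the space-padded single-digit day assumes ctime-style timestamps.

```ruby
require 'time'

# First two lines are quoted from the question; the third is constructed
# to cover a space-padded day and a line without a client address prefix.
SAMPLE_LINES = [
  'Tue Apr 23 14:36:13 2019 104.225.245.170:49687 peer info: IV_LZ4=1',
  'Tue Apr 23 14:36:13 2019 104.225.245.170:49687 PLUGIN_CALL: POST ' \
    'openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0',
  'Wed May  1 09:05:02 2019 Initialization Sequence Completed'
].freeze

# Named captures; "time" is the capture a regexp-based parser treats as
# the event time. The client address group is optional.
OPENVPN_LINE = /^(?<time>\w{3} \w{3} [ \d]\d \d{2}:\d{2}:\d{2} \d{4}) (?:(?<client_ip>\d{1,3}(?:\.\d{1,3}){3}):(?<client_port>\d+) )?(?<message>.*)$/

# strptime pattern for "Tue Apr 23 14:36:13 2019".
TIME_FORMAT = '%a %b %d %H:%M:%S %Y'

# Returns a hash of parsed fields, or nil when the line does not match or
# the timestamp is invalid, so a bad line never gets a silently wrong time.
def parse_openvpn_line(line)
  m = OPENVPN_LINE.match(line.chomp)
  return nil unless m

  {
    time: Time.strptime(m[:time], TIME_FORMAT), # local time, no zone in log
    client_ip: m[:client_ip],
    client_port: m[:client_port]&.to_i,
    message: m[:message]
  }
rescue ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  SAMPLE_LINES.each do |line|
    rec = parse_openvpn_line(line)
    puts "#{rec[:time].strftime('%Y-%m-%d %H:%M:%S')} " \
         "#{rec[:client_ip] || '-'} #{rec[:message]}"
  end
end
```

The log carries no time zone, so the parsed time is interpreted in the collector host's local zone.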