Fluent-bit

TIP

Each and every logging architecture is unique. We aim to give you a generic configuration to get you going, but ultimately, is your task to tailor it to your own needs. If you need further help, please open a Github issue or send us an email.

Find out more about Fluent bit.

JSON

The example uses Elasticsearch as a backend.

configparsers.conf

toml

[SERVICE]
    Flush        5
    Daemon       off
    Parsers_File parsers.conf
[INPUT]
    Name  tail
    Tag   logga
    Path  /Library/Application Support/Logga/audit.log

[FILTER]
    Name       parser
    Parser     docker
    Key_Name   log
    Match      logga

[OUTPUT]
    Name               es
    Match              logga
    Host               localhost
    Port               9200
    Index              logga_index // you name it
    HTTP_User          elastic
    HTTP_Passwd        *****
    Suppress_Type_Name On // Elastic 8.x + fluent-bit v2.2.0 bug workaround  
    Type               log
    Include_Tag_Key    On
    Tag_Key            tag

toml

[PARSER]
    Name         docker
    Format       json
    Time_Key     timestamp
    Time_Format  %Y-%m-%dT%H:%M:%S.%L

Fluent-bit ​

JSON ​

Fluent-bit

JSON