search

fluent / helm-charts

Helm Charts for Fluentd and Fluent Bit
Apache License 2.0
366 stars 438 forks source link

Multiline logs not parsed correctly #505

Closed mskhor closed 1 month ago

mskhor commented 1 month ago

Multiline logs are not parsed correctly in sumo, it is being parsed as separate lines.

Fluent-bit chart version: 0.20.2

Modified regex as below: fluent-bit: parsers: regex: "[{\"name\":\"multi_line\",\"regex\":\"\d{4}-\d{1,2}-\d{1,2}\.\d{2}:\d{2}:\d{2}\"}]"

Using default chart values for custom parsers as mentioned here https://github.com/fluent/helm-charts/blob/fluent-bit-0.20.2/charts/fluent-bit/values.yaml#L334

Additional parsers required separately for multiline ?

mskhor commented 1 month ago

To add main chart used is https://artifacthub.io/packages/helm/sumologic/sumologic/2.17.0