Add fluentd support to ES Change-Id: I2a0e7b4f6cdfdb3fda51ed1983e68b173b600441

commit: bd25150c3c8d9a9d67684b1e72629c9e4495c67d [log] [tgz]
author: Ildar Svetlov <isvetlov@mirantis.com> Thu Nov 09 02:31:47 2017 +0400
committer: Ildar Svetlov <isvetlov@mirantis.com> Mon Nov 13 19:20:10 2017 +0400
tree: b815409774cac0dec9496cbc08eea8a8719f9292
parent: a54736f0beb8be8b5f15ba3ed5b5894f60639d00 [diff]
diff --git a/elasticsearch/meta/fluentd.yml b/elasticsearch/meta/fluentd.yml
new file mode 100644
index 0000000..29d9914
--- /dev/null
+++ b/elasticsearch/meta/fluentd.yml

@@ -0,0 +1,45 @@
+config:
+  label:
+    elasticsearch:
+      input:
+        tail_elasticsearch:
+          type: tail
+          tag: elasticsearch.general
+          path: /var/log/elasticsearch/elasticsearch.log
+          pos_file: /tmp/elasticsearch.general.pos
+          format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] \[([^\]]*) *\] (?<Payload>.+)/'
+        tail_elasticsearch_deprecation:
+          type: tail
+          tag: elasticsearch.deprecation
+          path: /var/log/elasticsearch/elasticsearch_deprecation.log
+          pos_file: /tmp/elasticsearch.deprecation.pos
+          format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
+        tail_elasticsearch_index_indexing_slowlog:
+          type: tail
+          tag: elasticsearch.slowlog.indexing
+          path: /var/log/elasticsearch/elasticsearch_index_indexing_slowlog.log
+          pos_file: /tmp/elasticsearch.slowlog.indexing.pos
+          format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
+        tail_elasticsearch_index_search_slowlog:
+          type: tail
+          tag: elasticsearch.slowlog.search
+          path: /var/log/elasticsearch/elasticsearch_index_search_slowlog.log
+          pos_file: /tmp/elasticsearch.slowlog.search.pos
+          format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
+      filter:
+        match_severity:
+          type: record_transformer
+          tag: elasticsearch.**
+          enable_ruby: true
+          record:
+            - name: programname
+              value: elasticsearch
+            - name: Severity
+              value: ${ {"WARN"=>4,"INFO"=>6,"DEBUG"=>7,"TRACE"=>7}[record["severity_label"]] }
+            - name: severity_label
+              value: ${ {"WARN"=>"WARNING","INFO"=>"INFO","DEBUG"=>"DEBUG","TRACE"=>"TRACE"}[record["severity_label"]] }
+      match:
+        push_to_default:
+          tag: elasticsearch.**
+          type: relabel
+          label: default_output

diff --git a/metadata/service/support.yml b/metadata/service/support.yml
index 4e2c98a..7140e23 100644
--- a/metadata/service/support.yml
+++ b/metadata/service/support.yml

@@ -15,3 +15,5 @@
         enabled: true
       prometheus:
         enabled: true
+      fluentd:
+        enabled: true
commit	bd25150c3c8d9a9d67684b1e72629c9e4495c67d	[log] [tgz]
author	Ildar Svetlov <isvetlov@mirantis.com>	Thu Nov 09 02:31:47 2017 +0400
committer	Ildar Svetlov <isvetlov@mirantis.com>	Mon Nov 13 19:20:10 2017 +0400
tree	b815409774cac0dec9496cbc08eea8a8719f9292
parent	a54736f0beb8be8b5f15ba3ed5b5894f60639d00 [diff]