| value: ${fluentd:dollar}{ record.dig("publisher_id") } |
| value: ${fluentd:dollar}{ {'TRACE'=>7,'DEBUG'=>7,'INFO'=>6,'AUDIT'=>6,'WARNING'=>4,'ERROR'=>3,'CRITICAL'=>2}[record['priority']].to_i } |
| value: ${fluentd:dollar}{ DateTime.strptime(record.dig("payload", "eventTime"), "%Y-%m-%dT%H:%M:%S.%N%z").strftime("%Y-%m-%dT%H:%M:%S.%3NZ") } |
| - name: notification_type |
| value: ${fluentd:dollar}{ record.dig("event_type") } |
| value: ${fluentd:dollar}{ record.dig("priority") } |
| - name: environment_label |
| value: ${_param:cluster_domain} |
| value: ${fluentd:dollar}{ record.dig("payload", "action") } |
| value: ${fluentd:dollar}{ record.dig("payload", "eventType") } |
| value: ${fluentd:dollar}{ record.dig("payload", "outcome") } |
| remove_keys: '["payload", "timestamp", "publisher_id", "priority"]' |
| value: ${fluentd:dollar}{ record["payload"].to_json } |
| host: ${_param:fluentd_elasticsearch_host} |
| port: ${_param:fluentd_elasticsearch_port} |
| scheme: ${_param:fluentd_elasticsearch_scheme} |