CheckList
The following plugin looks up if a value in a specified list exists and then allows the addition of a record to indicate if found. Introduced in version 1.8.4
Configuration Parameters
The plugin supports the following configuration parameters
Key | Description |
---|---|
file | The single value file that Fluent Bit will use as a lookup table to determine if the specified |
lookup_key | The specific key to look up and determine if it exists, supports record accessor |
record | The record to add if the |
mode | Set the check mode. |
print_query_time | Print to stdout the elapseed query time for every matched record. Default: false |
ignore_case | Compare strings by ignoring case. Default: false |
Example Configuration
In the following configuration we will read a file test1.log
that includes the following values
Additionally, we will use the following lookup file which contains a list of malicious IPs (ip_list.txt
)
In the configuration we are using $remote_addr as the lookup key and 7.7.7.7 is malicious. This means the record we would output for the last record would look like the following
Last updated