Grok Parsing on Syslog Input


We are using the new syslog input in Telegraf to get the logs from our applications via rsyslog. Now we want to parse the logs (Apache, nginx, Kafka, etc.) by applying grok patterns. Is it possible to apply a grok pattern on the syslog input?

Not yet; the global grok parser will be part of the 1.8 release. If you don’t mind using a nightly build, you can start using it now, I believe.

You will need to wait for the parser processor as well; this is being worked on and I expect it will be completed in the next few weeks.