I’m using telegraf (1.4.2) to gather IIS logs and send them to InfluxDB. The log parser is grabbing the correct files and I have the grok pattern working but I noticed that all the data is being treated as a field. In the documentation (telegraf/plugins/inputs/logparser at master · influxdata/telegraf · GitHub) is says:
“By default all named captures are converted into string fields.”
Is there a way to create tags? A number of fields don’t work well as a field
thanks
Garry
Yes, just use the tag modifier, you will probably want to convert as many other fields as you can to numeric types.
Hi @daniel
Perfect, that worked great…
is there a setting that needs to be set for telegraf to poll the log? I noticed that telegraf is not picking up new entries in the log file.
thanks
Garry
It sounds like you are probably in Windows, in which case you need to set the watch_method to poll since inotify only works on Linux. However, this feature only works on the nightly builds now and will be in version 1.5.0.
Correct we are using windows…
I downloaded the nightly build and it works well, is there a timeline for when this will be released?
thanks for all your help!
Garry
Yeah the latest date is on the milestones, I usually try to start with release candidates a few weeks before.
